1. Security Guide
  2. Security Features
  3. R.226 Security Recommendations

R.226 Security Recommendations

For compliance with R.226, Oracle recommends:
  • Users should change their login password after upgrading. Changing the login password forces the SBC to use the more secure SHA-2 hashing algorithm for storing password hashes.
  • An Oracle Communications Session Border Controller ignores attempts to modify security related boot flags from the ACLI. The OCSBC still supports changing security related boot flags through the bootloader. See the R.226 Chapter in the Configuration Guide for details.
  • The li-admin user should set the lawful intercept configuration password. Setting the li-config password encrypts the lawful intercept configuration.
  • Users should only use IKEv2 for X2/X3 traffic.
  • Users should configure the X1 interface (on a management interface) on a dedicated VLAN.

WARNING:

Selecting IKEv2 disables IKEv1.