White List Learning
You can build a SIP header and URI parameter white list configuration by way of the learning capabilities of the Oracle Communications Session Border Controller (SBC). When you enable learning mode on the SBC, it acquires the knowledge of the allowable headers and parameters currently coming into your network. The SBC collects the information about the headers received and the parameters that exist within each header. The system gathers the information until you disable the learning mode.
After you disable the learning mode, the SBC prompts you to enter a name for the allowed-elements-profile. If the profile name you entered does not exist, the captured information is written to the new allowed-elements-profile configuration. The administrator can then make changes to the configuration as applicable, save the configuration, and apply it to a logical remote entity.
The allowed-elements-profile does not contain any wildcard rules because the SBC cannot generate wildcard headers and parameters during the learning mode. The Methods object is populated from the list of methods seen by the SBC while learning.
Note:
Oracle recommends running the learning mode during off-peak and light traffic periods. Learning mode can operate in conjunction with the execution of an allowed-elements-profile. The learning occurs just before any configured allowed-elements-profile configuration.White List Learning Configuration
The ACLI interface provides two commands that allow a Superuser to start and stop white list learning on the Oracle Communications Session Border Controller:
| Command | Description |
|---|---|
| start <argument> <options> | Starts white list learning on the
Oracle Communications Session Border Controller.
You must specify the argument learn-allowed-elements with this command to start the learning operation. Optionally, you can use method, msg-type, and params after the argument. |
| stop <argument> <identifier> | Stops the white list learning on the
Oracle Communications Session Border Controller and writes the learned configuration to the editing
configuration on the
Oracle Communications Session Border Controller where it is saved and activated.
You must specify the argument learn-allowed-elements with this command to stop the learning operation. You must specify a unique identifier that identifies the allowed-elements-profile name. If you specify an identifier name that already exists as a profile, the ACLI returns an error message and prompts you to enter a different name. |
You can use these commands at the top level ACLI prompt as required on the Oracle Communications Session Border Controller.
You use these commands with the argument, learn-allowed-elements to start/stop the white list learning feature. By default, the learning mode creates a single rule-set under which all of the headers and their respective parameters are stored.
For example:
ORACLE# start learn-allowed-elements
Learning mode for allowed-elements-profile started.In the above example, start is the top level ACLI command and learn-allowed-elements is the operation being performed.
Optionally, you can specify [method], [msg-type], and [params] in any order, for the Oracle Communications Session Border Controller to learn specific rule-set elements from incoming messages and save them to the white list configuration.
For example:
ORACLE# start learn-allowed-elements method msg-type paramsThe method option creates a new rule-set per unique method. The msg-type option creates a new rule-set per unique message-type seen. The params option performs URI and header parsing to examine parameters within the message. By default, parameter parsing is disabled.