1. Installation Guide
  2. Public Cloud Platforms
  3. Create and Deploy OCSM on OCI
  4. Security Objects

Security Objects

Security lists specify the type of traffic allowed on a particular type of subnet.

Rules set on the security lists can be either stateful or stateless. Stateful rules employ connection tracking and have the benefit of not requiring exit rules. However, there is a limit to the number of connections allowed over stateful connections and there is a performance hit. Oracle, therefore, recommends stateless lists for media interfaces.

The security list for management ports can be stateful. Ports that should be considered for opening for management interfaces include:
  • SSH—TCP port 22
  • NTP—UDP port 123
The security list for media ports must be stateless. Ports that must be considered for opening for VoIP or media interfaces include:
  • SIP—UDP or TCP port 5060
  • SIP TLS—TCP port 5061
For more information, see the Oracle Communications Session Monitor Security Guide.