General

Here you can find the settings for TLS, VoIP encryption, and for protection against DoS attacks.

Table 1. TLS settings

| Parameter | Description of the parameters |
| --- | --- |
| Enable keep alive | The connection secured via the certificates is maintained (default). |

Table 2. VoIP encryption

| Parameter | Description of the parameters |
| --- | --- |
| VoIP encryption (SRTP) | The VoIP voice channels are encrypted using SRTP and the signalling is secured using TLS. Non-secure connections (e.g. if a TLS certificate has expired) are no longer permitted. The encryption icon is displayed on the system phones. |

Note:

To activate VoIP encryption, you need the Secure VoIP licence. In the DSP settings for VoIP mode you also need to select the Secure G.711 setting.

DoS protection

In a DoS (Denial of Service) attack, an attacker sends masses of data packets. This can cause the communication server to become blocked. DoS attacks should be prevented by an upstream firewall. However, the communication server also has its own blockage protection, which you can configure here.

Suspicious IP addresses are entered in a dynamic blocklist. The current content of the list can be viewed in the IP security / IP blocklist view. In addition, every entry in the dynamic list is logged with an event message that indicates the IP address and the cause.

Table 3. DoS protection

| Parameter | Description of the parameters |
| --- | --- |
| Suspicious ID blocking time (in minutes) | A suspicious IP address is blocked for the amount of time set here. |
| Max SIP authentication failures | When a sender with the same IP address tries to force access, but fails due to invalid authentication data, it may be an attempt to crack the authentication data. Once the number of authentication attempts reaches the number entered here, all inquiries made by this IP address will be blocked for the duration of the configurable blocking time. |
| Max SIP transactions per IP address | If lots of data packets are received over a short period of time from a sender with the same IP address, this may constitute an attack. Once the number of simultaneously active transactions reaches the number entered here, all inquiries made by this IP address will be blocked for the duration of the configurable blocking time. |
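The blocking behaviour described by the three parameters in Table 3 can be modelled as follows. This is an added illustration, not the communication server's own code: the class and method names, the threshold values and the sample addresses are assumptions, and because the page does not say whether a successful authentication resets the failure count, this model never resets it.

```python
from dataclasses import dataclass, field

@dataclass
class DosGuard:
    block_minutes: int = 10      # Suspicious ID blocking time (constructed value)
    max_auth_failures: int = 5   # Max SIP authentication failures (constructed)
    max_transactions: int = 20   # Max SIP transactions per IP address (constructed)
    failures: dict = field(default_factory=dict)   # ip -> failed authentications
    active: dict = field(default_factory=dict)     # ip -> open transactions
    blocklist: dict = field(default_factory=dict)  # ip -> (expiry time, cause)
    events: list = field(default_factory=list)     # event messages

    def is_blocked(self, ip, now):
        expiry, _ = self.blocklist.get(ip, (0, None))
        if ip in self.blocklist and now >= expiry:
            del self.blocklist[ip]                 # blocking time has elapsed
        return ip in self.blocklist

    def _block(self, ip, now, cause):
        self.blocklist[ip] = (now + self.block_minutes * 60, cause)
        self.failures.pop(ip, None)
        self.active.pop(ip, None)
        self.events.append(f"IP {ip} added to blocklist: {cause}")

    def start_transaction(self, ip, now):
        """Return True if the inquiry is accepted, False if it is dropped."""
        if self.is_blocked(ip, now):
            return False
        self.active[ip] = self.active.get(ip, 0) + 1
        if self.active[ip] >= self.max_transactions:
            self._block(ip, now, "max SIP transactions reached")
            return False
        return True

    def finish_transaction(self, ip, now, auth_failed=False):
        if self.active.get(ip, 0) > 0:
            self.active[ip] -= 1
        if auth_failed and not self.is_blocked(ip, now):
            self.failures[ip] = self.failures.get(ip, 0) + 1
            if self.failures[ip] >= self.max_auth_failures:
                self._block(ip, now, "max SIP authentication failures reached")

def demo():
    guard = DosGuard(block_minutes=10, max_auth_failures=3, max_transactions=20)
    ip = "192.0.2.10"                              # constructed sample address
    for t in range(3):                             # three failed authentications
        guard.start_transaction(ip, now=t)
        guard.finish_transaction(ip, now=t, auth_failed=True)
    return guard, ip
```

Times are in seconds. Each block produces one event message carrying the IP address and the cause, and the entry expires once the blocking time has passed.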

See also...

"Firewall configuration"

"IP blocklist"