Cisco Explorer 4700 Installation Guide Page 319

  • Download
  • Add to my manuals
  • Print
  • Page
    / 648
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 318
8-21
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-01
Chapter 8 Configuring Parameter Maps
Configuring SIP Parameter Maps
Mask UA Software Version If the software version of a user agent is exposed, that user agent might be vulnerable to
attacks from hackers who exploit the security holes present in that particular software version.
This option allows you to mask or log the user agent software version so that it is not exposed.
Check the check box to indicate that the ACE is to mask the user agent software version.
Clear the check box to disable this feature.
Log UA Software Version Check the check box to indicate that the ACE is to log the user agent software version.
Clear the check box to disable this feature.
Strict Header Validation You can ensure the validity of SIP packet headers by configuring the ACE to check for the
presence of the following mandatory SIP header fields:
From
To
Call-ID
CSeq
Via
Max-Forwards
If one of the header fields is missing in a SIP packet, the ACE considers that packet invalid.
The ACE also checks for forbidden header fields, according to RFC 3261.
Specify how the ACE is to handle header validation.
N/A—The ACE is not to perform header validation.
Drop—The ACE is to drop the SIP message if the SIP packet does not pass header
validation.
Reset—The ACE is to reset the connection if the SIP packet does not pass header
validation.
Log Strict Header Validation Check the check box to indicate that the ACE is to log header validation events.
Clear the check box to disable this feature.
Mask Non SIP URI This option and the next enable the detection of non-SIP URIs in SIP messages.
Check the check box to indicate that the ACE is to mask non-SIP URIs in SIP messages.
Clear the check box to disable this feature.
Log Non SIP URI Check the check box to indicate that the ACE is to log non-SIP URIs in SIP messages.
Clear the check box to disable this feature.
SIP Media Pinhole Timeout
(Seconds)
Specify the timeout period for SIP media pinhole (secure port) connections in seconds. Valid
entries are integers from 1 to 65535 seconds. The default is 5 seconds.
Table 8-9 SIP Parameter Map Attributes (continued)
Field Description
Page view 318
1 ... 318 319 320 ... 648

Comments to this Manuals

No comments