Configuring Inspection Settings in SmartConsole

There are many Inspection Settings profiles in SmartConsole that add means of protection to your gateway and protect against malicious attacks. You can configure the Inspection Settings to:

• Identify attack signatures
• Identify protocol anomalies
• Ensure RFC compliance
• Inspect signaling protocols, verify header formats, and protocol call flow state
• Establish granular VoIP security for maximum flexibility
• Generate detailed logs with packet captures on VoIP security events with Detect Mode

  SmartConsole allows you to configure rule exceptions. For example,if you add an exception that allows non-RFC compliant SIP traffic on a specified VoIP server, security is not compromised for all other VoIP traffic.

Inspection Settings can be configured for each profile and can prevent, detect, or be inactive.

To configure Inspection Settings for VoIP:

1. In the Manage & Settings tab, go to Blades > General, select Inspection Settings.

   The Inspection Settings window opens.

2. From the General page, in the search window, enter <your_protocol>.
3. Double-click the Setting you want to configure.
4. Double-click the applicable Inspection Profile.
5. On every page in this window, configure the applicable settings.
6. Click OK > Close.
7. Close the Inspection Settings window.
8. Install Policy.

Note for MGCP:

The Security Gateway has a number of Inspection Settings for MGCP. The inspection settings identify attack signatures and packets with protocol anomalies . Strict compliance is enforced with RFC-2705, RFC-3435 (version 1.0), and ITU TGCP specification J.171. Additionally, all inspection settings network security capabilities are supported, such as inspection of fragmented packets, anti-spoofing, and protection against Denial of Service (DoS) attacks.

Note for H.323:

• Inspection Settings does these application layer checks for H.323:
• Strict protocol enforcement, including the order and direction of packets
• Message length restrictions
• Stateful checks on RAS messages

Configuring VoIP Ports in SmartConsole

Use SmartConsole to configure VoIP phone and proxy ports. The gateway enforces security on that port. Each protocol uses port 5060 as a default port, but you can also configure new ports for your gateway.

To configure VoIP on a port:

1. Open SmartConsole.
2. From the Objects explorer, click More object types > Service.
3. Select <your_protocol>.

   The New <protocol> Service window shows.

4. In the General tab, enter an object name.
   1. In the General section > Protocol, select <your_protocol>
   2. In the Match By section, enter either the Standard Port or Customize your port..
5. Click OK.