[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring SCCP Denial of Service (DoS) Attack Protection

You can protect Skinny Client Control Protocol (SCCP) ALG clients from flood attacks by limiting the number of calls they attempt to process.

Before You Begin

For background information, read Understanding the SCCP ALG.

When you configure SCCP call flood protection, the SCCP ALG drops any calls exceeding the threshold you set. The range is 2 to 1,000 calls per second per client, the default is 20.

To configure DoS attack protection, use the CLI configuration editor.

This topic covers:

J-Web Configuration

To configure the Services Router to drop any calls exceeding 500 per second per client:

  1. Select Configure>CLI Tools>Point and Click CLI.
  2. Next to Security, select Configure or Edit.
  3. Next to Alg, select Configure or Edit.
  4. Select the Sip check box if it is not selected and click Configure or Edit.
  5. Next to Application screen, click Configure.
  6. In the Threshold box, type 500 and click OK.
  7. To save and commit the configuration, click Commit.

CLI Configuration

In this example, you configure the device to drop any calls exceeding 500 per second per client.

user@host# set security alg sccp application-screen call-flood threshold 500

Related Topics

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]