Cisco Systems OL-12397-13 manual Enhanced SIP Registration, Description

Page 3

Chapter 2 SIP Subscribers

SIP Registration and Security

When a SIP user attempts to register or set up a call, the BTS 10200 challenges the SIP subscriber based on provisioning in the Serving Domain Name table. If the Serving Domain Name table indicates that authentication is required, the BTS 10200 challenges the SIP request (Register/INVITE) according to the authentication procedures specified in the SIP Protocol RFC 3261. If the BTS 10200 receives valid credentials, the authenticated AOR from the User Authorization table identifies the subscriber based on the Address of Record to Subscriber table. (For specific provisioning parameters, see the applicable tables in the Cisco BTS 10200 Softswitch CLI Database.)

Registration creates bindings in the BTS 10200 that associate an AOR with one or more contact addresses.

The registration data is replicated on the standby BTS 10200. The BTS 10200 imposes a minimum registration interval as a provisionable value. If the expiration duration of the incoming registration request is lower than the provisioned minimum, a 423 (Interval Too Brief) response is sent to the registering SIP endpoint.

The BTS 10200 generates a warning event when a request from a client fails authentication. This can indicate a provisioning error or an attempt by an unauthorized client to communicate with the

BTS 10200.

The contacts registered for an AOR can be looked up using the status command, as demonstrated by the following example.

CLI>status sip-reg-contact AOR_ID=4695551884@sia-SYS44CA146.ipclab.cisco.com

AOR ID -> 4695551884@sia-SYS44CA146.ipclab.cisco.com

USER -> 4695551884

HOST -> 10.88.11.237

PORT -> 5060

USER TYPE -> USER_PHONE_TYPE

EXPIRES -> 3600

EXPIRETIME -> Thu Jan 22 14:33:36 2004

STATUS -> REGISTERED CONTACT

Reply :Success:

Enhanced SIP Registration

SIP Registration ensures that a SIP REGISTER message to the BTS 10200 is from a provisioned endpoint, that is, an endpoint with a provisioned secure Fully-Qualified Domain Name (FQDN) or IP address. The feature also ensures that the source IP address and contact parameter for all originating calls are from the provisioned SIP endpoint, and that no calls can originate from an unregistered endpoint.

Description

Prior to Release 4.5.1, SIP endpoint registration was based on AOR, UserID, and password; there was no verification of the origination of the REGISTER message. Certain service providers may prefer that the source IP address of SIP requests be verified against a provisioned FQDN of the endpoint to address the possibility of theft of VoIP service.

The BTS 10200 can indicate SECURE_FQDN provisioning for specified SIP term-type subscribers. This indication consists of specifying an FQDN with the subscriber AOR. The FQDN is the address/location of the SIP endpoint and is added to the AOR table. The FQDN does not have a service port.

Cisco BTS 10200 Softswitch SIP Feature and Provisioning Guide, Release 5.0

 

OL-12397-13

2-3

 

 

 

Image 3
Contents A P T E R SIP SubscribersSIP Phone Initialization Provisioning a SIP SubscriberSIP Registration and Security Description Enhanced SIP RegistrationExample Provisioning CommandsProvision a New SIP Subscriber Enable or Disable Secure Fqdn for an Existing SubscriberOperations Cisco BTS 10200 Challenges RegistrationRegistration Expires Securefqdn Call ProcessingValidation Received SIP Response MessageValidation of ACK Request Events and AlarmsMeasurements Rules for Sending a SIP Invite Message from the BTSAOR SIP User AuthenticationSIP Subscriber Calls SIP Timer Values for SIP Subscribers Provisioning Session Timers for SIP SubscribersDiversion Indication for SIP Subscribers Acact ACRAcract AcrdeactCfbi CFBCfbva CfbvdCidcw CwdiCidsd CidssDndact DrcwDrcwact DNDOsfg OcbaOcbd OcbiCids Cisco BTS 10200 Softswitch-Based FeaturesSummary CPTCall Forwarding Activation and Deactivation Call ForwardingDetailed Provisioning Procedure and Feature Description Calling Name and Number DeliveryCall Forwarding to an E.164 Number or an Extension Number Customer Access Treatment Caller ID Delivery SuppressionDirect Inward Dialing Do Not Disturb Direct Outward DialingUser-Level Privacy Operator Services 0-, 0+, 01+, and 00 CallsVertical Service Code Features Centrex Dialing Plan Extension DialingPlanning VSCs In Networks with SIP Subscribers Supported VSC-Enabled Features for SIP EndpointsMWI Notification Voice MailVM Actions VM DepositVM Implementation for Centrex Subscribers Retrieving VMCalling Back a Message Depositor Add the SIP trunk group VM Within a Single Centrex GroupProvisioning Voice Mail Across Multiple Centrex Groups Text-GUI Features Jointly Provided FeaturesSIP Handset Supported FeaturesAccessing Features Supported HandsetsSIP Software Clients Call Transfer Blind and Attended with ReferCwcid Phone-Based FeaturesDistinctive Ringing Distinctive Ringing for Centrex did CallsSIP Subscribers Phone-Based Features OL-12397-13

OL-12397-13 specifications

Cisco Systems OL-12397-13 refers to a specific training course or certification related to Cisco's networking technologies and solutions. While precise details about OL-12397-13 may vary, it typically encompasses various features, technologies, and characteristics central to Cisco's offerings in networking and cybersecurity.

One main feature of the course is its comprehensive curriculum designed to provide learners with in-depth knowledge of Cisco’s networking architecture and best practices. The course often covers topics such as routing and switching, network security, wireless networking, and automation, enabling participants to understand the complex interactions within a network environment.

Another significant inclusion in the OL-12397-13 curriculum is an emphasis on emerging technologies. This may include training on software-defined networking (SDN), Internet of Things (IoT) solutions, and cloud-based networking. By integrating these modern frameworks, participants can grasp how to manage and optimize their network infrastructures for current and future demands.

A key characteristic of Cisco certification courses is the hands-on training component. Classes may involve lab sessions where students can apply theoretical knowledge practically by configuring devices, troubleshooting network issues, and implementing security protocols. This experiential learning ensures that learners are prepared to face real-world networking challenges.

The course also aims to instill best practices in network management and monitoring. Concepts such as network design, implementation strategies, and the use of network management tools are pivotal to ensuring efficient and secure operations within an organization.

Moreover, the emphasis on security throughout the OL-12397-13 course reflects the growing need for robust cybersecurity measures in networking. Participants are taught how to identify vulnerabilities, implement security measures, and respond to potential threats, which is crucial in today’s digital landscape.

Networking professionals pursuing Cisco certifications find OL-12397-13 to be instrumental in developing their skill sets, enhancing their career prospects, and enabling them to contribute effectively to their organizations. Overall, OL-12397-13 serves as a gateway for individuals looking to solidify their understanding of Cisco's technologies while preparing for future advancements in the field of networking. With a focus on both foundational knowledge and cutting-edge trends, it positions learners to excel in a rapidly evolving tech landscape.