2-8
Cisco BTS 10200 Softswitch SIP Feature and Provisioning Guide, Release 5.0
OL-12397-13
Chapter2 SIP Subscribers
SIP Registration and Security
2. When a Contact header is present on a reliable 1xx or 2xx response, the Contact FQDN/IP address
of the response is verified to resolve to the Secure-IP1.
If the address does not resolve properly, the response is dropped. This has the same result as the
non-receipt of that response, such as would happen with a call failure.
3. The response for a BYE sent by Cisco BTS 10200 is not validated. This is the least likely point in a
call for theft.

Rules for Sending a SIP INVITE Message from the BTS 10200

When a SIP INVITE message is sent to a SIP endpoint, the following occurs:
1. The INVITE is sent to the registered contact of the endpoint. If there is no registered contact or if
the registered contact has expired, the INVITE is not sent and the call is declined.
2. Any static contact provisioned for the subscriber is ignored.
Note Provisioning of static contact is not allowed for secure SIP endpoints; therefore, this is merely due
diligence.

Validation of ACK Request

When a SIP ACK message is received from a SIP endpoint, the following occurs:
1. The ACK for a 200-class response is validated like any other SIP request.
2. The ACK for a failure response (3xx or higher) is not validated.
Measurements
The following TMM counters are supported for secure FQDN violations:
A SIA-SECURE_FQDN-VIOLATION-REQ counter is incremented when a SIP request fails the
validation for secure SIP endpoints.
A SIA-SECURE_FQDN-VIOLATION-RESP counter is incremented when a SIP response fails the
validation for secure SIP endpoints.
Note For a full list of measurements, see the Cisco BTS 10200 Softswitch Operations and Maintenance Guide.
Events and Alarms
A Warning event is raised when a SIP request or response fails the validation for secure SIP endpoints.
The alarm has the following attributes:
Type: SECURITY(6)
DESCRIPTION: Secure SIP Endpoint Validation Failure
SEVERITY:WARNING
Note For a full list of events and alarms, see the Cisco BTS 10200 Softswitch Troubleshooting Guide.