Dynamic blacklisting is a feature that detects abnormal events from endpoints and blocks the traffic from those endpoints for a configured period of time. This feature is designed to detect misbehaving endpoints rather than prevent malicious attacks, for which the system already has other mechanisms.
The DBL events and the actions to take for each event are configured by the user in a DBL profile with a set of DBL rules. The DBL profile is then assigned to a SIP trunk group. Any packets that come in to the system from that trunk group will be compared against the DBL rules configured in that DBL profile.
To View Dbl Profile
On SBC main screen, go to Configuration > System Provisioning > Security Configuration > Dbl Profile. The Dbl Profile window is displayed.
To Edit Dbl Profile
To edit any of the Dbl Profile in the list, click the radio button next to the specific Dbl Profile name.
The Edit Selected Dbl Profile window is displayed below.
Make the required changes and click Save at the right hand bottom of the panel to save the changes made.
To Create Dbl Profile
To create a new Dbl Profile, click New Dbl Profile tab on the Dbl Profile List panel.
The Create New Dbl Profile window is displayed.
The following fields are displayed:
Specifies the name of the Dynamic Black List (Dbl) profile.
Specifies the type of application being monitored.
The option is:
Specifies the administrative state of this rule.
The options are:
To Delete Dbl Profile
To delete any of the created Dbl Profile, click the radio button next to the specific Dbl Profile which you want to delete.
Click Delete at the end of the highlighted row. A delete confirmation message appears seeking your decision.
Click Yes to remove the specific Dbl Profile from the list.