Allo.com Shield stm User manual

User Manual

Shield STM Appliance 1.0

Version 1.0

User Manual v1.0

www.shield.com 1

Table of Contents

1. Introduction ..........................................................................................................1

1.1. Overview: .................................................................................................................... 1

1.2. STM Deployment Considerations................................................................................ 3

2. Initial Setup & Configuration...............................................................................4

2.2. Default Configuration................................................................................................... 4

2.3. Accessing the WebUI.................................................................................................. 5

2.4 WebUI Session timeout................................................................................................ 7

2.5 WebUI Settings ............................................................................................................7

2.4 Dashboard.................................................................................................................... 8

3. Configuring the Device........................................................................................9

3.1. General Settings........................................................................................................ 10

3.2. Time Settings ............................................................................................................11

3.3. Management Access................................................................................................. 11

3.4. Signature Update ...................................................................................................... 12

3.5. Logging...................................................................................................................... 13

4. Configuring the SIP Security Policies..............................................................14

4.1. SIP Security Settings................................................................................................. 14

4.2. DPI Signatures.......................................................................................................... 14

4.3. Firewall Rules............................................................................................................ 16

4.4. White list Rules.......................................................................................................... 16

4.5. Blacklist Rules (Static)............................................................................................... 17

4.6. Dynamic Blacklist Rules............................................................................................ 18

4.7. Geo IP Filter.............................................................................................................. 18

5. Status..................................................................................................................19

5.1. Security Alerts........................................................................................................... 19

6. Device Administration .......................................................................................20

6.1. Administration............................................................................................................ 20

6.2. Diagnostics................................................................................................................ 20

6.3. Ping........................................................................................................................... 21

User Manual v1.0

www.shield.com 1

6.4. Traceroute................................................................................................................. 22

6.5.Troubleshooting.......................................................................................................... 22

6.6. Firmware Upgrade..................................................................................................... 23

STM- Introduction

User Manual v1.0

www.shield.com

1. Introduction

1.1. Overview:

Shield STM is an appliance based VoIP threat prevention solution dedicated to protect the

SIP based PBX/Telecom Gateway/IP Phones/Mobile devices deployments. The appliance

runs the Real time Deep Packet Inspection on the SIP traffic to identify the VOIP attack

vectors and prevents the threats impacting the SIP based devices. The appliance has been

made to seamlessly integrate with the existing network infrastructure and reduces the

complexity of deployment.

The appliance feature set includes,

•Analyze SIP packets using the Real time Deep Packet inspection engine.

•SIP Protocol Anomaly detection with configurability of detection parameters.

•Detection and Prevention of the following categories of SIP based Attacks.

¾Reconnaissance attacks ( SIP Devices Fingerprinting, User enumeration,

Password Cracking Attempt )

¾Dos/DDos Attacks

¾Cross Site Scripting based attacks.

¾Buffer overflow attacks

¾SIP Anomaly based attacks

¾3rd Party vendor vulnerabilities

¾Toll Fraud detection and prevention

¾Protection against VOIP Spam & War Dialing

•Attack response includes the option for quietly dropping malicious SIP packets to

help prevent continued attacks

•Dynamic Blacklist Update service for VOIP, SIP PBX/Gateway Threats

•Configurability of Blacklist/Whitelist/Firewall rules.

•Support for Geo Location based blocking.

•Provide the option to secure against PBX Application vulnerabilities

•Operate at Layer 2 device thus transparent to existing IP infrastructure - no changes

required to add device to your existing network

STM- Introduction

User Manual v1.0

www.shield.com

•Web/SSL based Device Management Access which will allow managing the device

anywhere from the Cloud.

•Ability to restrict the device management access to specific IP/Network.

•Provide System Status/Security events logging option to remote syslog server.

•Provides the SIP throughput up to ~10Mbps.

•Support for Signature update subscription and automated signature update

mechanism.

•The device has been made to operate with default configuration with just powering

on the device. No administrator intervention is required to operate the device with

default configuration.

•USB based power supply

•Optional support for security events logging on the USB based storage.

Technical Specifications

Functional Mode Transparent Firewall with SIP Deep

Packet Engine.

SIP Intrusion/Prevention ~400+ SIP Attack Signatures Support

Throughput ~10Mbps

No of concurrent calls supports 50 concurrent calls

Logging Local Security Event Console, Remote

Syslog

Device Management Web GUI via Https & SSH CLI

Hardware MIPS based 32bit Processor Single core,

300MHz

Primary Storage 16 MB Flash

RAM 64MB

Secondary Storage USB Storage devices support for logging

( Optional)

Interfaces Two Fast Ethernet Interfaces.

STM- Introduction

User Manual v1.0

www.shield.com

1.2. STM Deployment Considerations

The STM has been made to protect the SIP based PBX/Gateway Servers against SIP based

network threats and anomalies. Thus it is recommended to deploy the STM along with the

PBX/Gateway deployment as given in the following scenarios based on what is applicable in

the user’s setup.

Deployment Scenario 1

Note:

Some of the PBX/Gateway devices may have an exclusive LAN/Mgmt Interface for device

management purpose other than the Data Interface (also referred as WAN/Public Interface).

In such cases LAN port of the STM should be connected to the Data Interface (WAN/Public

Interface).

Deployment Scenario 2

In the case of PBX deployed in the LAN Setup, the following setup is recommended as it

would help to protect against the threats from both Internal Network as well as the threats

from the Public Cloud penetrated the Non SIP aware Corporate Firewall.

STM – Initial Setup

User Manual v1.0

www.shield.com

2. Initial Setup & Configuration

1. Unpack the items from the box

2. Check that you have all the items listed in the package content.

3. Connect the appliance to the power socket using the USB power cable.

4. Connect the LAN port of the STM to the PBX/VOIP Gateway.

5. Connect the WAN port of the STM to the untrusted/public network.

6. The device will take about a minute to come up & will be fully functional with the

default configuration.

Note:

Some of the PBX/Gateway devices may have an exclusive LAN/Mgmt Interface for device

management purpose other than the Data Interface (also referred as WAN/Public Interface).

In such cases LAN port of the STM should be connected to the Data Interface (aka

WAN/Public Interface).

The device operates as transparent bridging firewall with Deep Packet Inspection enabled

on the SIP traffic. By default, the appliance has been made to acquire the IP Address via

DHCP.

The device has been made to be fully functional with the default configuration. However if

the user needs to tune the device settings & the DPI policies, user can tune the configuration

via the Device WebUI.

Important Note:

a) We strongly recommend you to change the Nano2PBX Admin Password from Factory

default to Alpha numeric password to reduce the possibility of a security breach.

b) Use Mozilla Firefox Only!

c) Bootup process of the Nano2PBX takes about 3-4 mins

2.2. Default Configuration

The device operates as transparent bridging firewall with Deep Packet Inspection enabled

on the SIP traffic. By default, the appliance has been made to acquire the IP Address via

DHCP.

The device has been made to be fully functional with the default configuration. However if

the user needs to tune the device settings & the DPI policies, He/She can tune the

configuration via the Device WebUI.

STM – Initial Setup

User Manual v1.0

www.shield.com

The device all provides the command line interface accessible via SSH, which will allow to

configure the basic settings and view device status.

Management Access Login Credentials

WebUI admin/admin

SSH CLI admin/stmadmin

2.3. Accessing the WebUI

To access the device WebUI,

1. Connect the serial console the serial port of STM device.

2. Use the following serial console settings to access the Shield CLI

i. Speed : 38400

ii. Parity : None

iii. Data : 8

iv. Stopbits : 1

v. Flowcontrol : No

3. From the Shield command prompt, execute the following command to view the IP

Address acquired by the device.

shield>show ip

Now you can access the device from the browser using the URL as given below

https://<device-ip>

Note:

The WebUI has been made accessible only via HTTPS. The Device WebUI Server has been

made to use Self signed PKI Certificate, Thus the browser will prompt to accept the self

signed certificate generated by the device on accessing the WebUI.

The recommended browser for accessing STM WebUI is Mozilla Firefox.

Note:

If you are not running the dhcp server in your deployment OR device fails to acquire the ip

address, set the ip address from the console CLI using the command line

shield>set ip <ipaddress> <mask> <gateway>

STM – Initial Setup

User Manual v1.0

www.shield.com

Verify the address using the ‘show ip’ command.Then use this IP address, to access the

WebUI/SSH to configure the device configuration further.

On launching the STM WebUI, the web application will prompt enter the administrator

credentials to login.

The WebUI login session has been made to time out and if the user does not enter the login

credentials for 30 seconds and will redirect to the informational page. The user can click the

hyperlink named as ‘login’ appearing on the information page, to visit the login page again.

If somebody is already logged in to STM WebUI session, the subsequent attempts to login

will notify the details previous login session as illustrated below and will prompt the user to

override the previous session and continue OR to discard the attempt the login.

Table of contents

Other Allo.com Telephone Accessories manuals

Allo.com

Allo.com STM User manual

Popular Telephone Accessories manuals by other brands

Viking

Viking DLE-200B Technical practice

Lucent Technologies

Lucent Technologies SPIRIT 1224 Controller user guide

BT DIVERSE 5400 user guide

Tadiran Telecom

Tadiran Telecom EMERALD ICE installation manual

Musicam

Musicam FieldFone II user guide

Polycom

Polycom KIRK KIRK 4040 Features guide

TIPTEL

TIPTEL DECT Set 50 user manual

Panasonic

Panasonic KX-UDS124 installation guide

BT BT7600 Quick setup and user guide

MCheeta

MCheeta CT-CID803 Plus user manual

View

View VP-PC installation guide

Baldwin Boxall

Baldwin Boxall BT8 operating instructions

SMC Networks

SMC Networks SMCDPCR-AP specification

SkyLink

SkyLink SD-001 user manual

Nera

Nera ISDN user guide

Intellitouch

Intellitouch MOH-500E Specifications

Viking

Viking SQRG-12 Technical practice

Bang & Olufsen

Bang & Olufsen beocom 1401 user manual

Allo.com Shield STM User manual

Popular Telephone Accessories manuals by other brands