SBC 1000/2000 4.1.x : Managing TLS Profiles

After the Sonus SBC 1000/2000 obtains the required certificates, configuration of several options/attributes on both the server and client is necessary before TLS can employ the certificate(s) in establishing a secure connection. The attributes are configured in TLS profiles. Attributes include, but are not limited to, such things as Client Ciphers, and inactivity timeouts.

TLS Profiles are used by SIP Signaling Groups when the TLS transport type is selected for incoming and outgoing SIP trunks (Listen Ports), and in SIP Server Tables when TLS is selected as the Server Host protocol.

Sonus SBC 1000/2000 supports only TLS 1.0, SSL 3.0 and SSL 2.0 are not supported due to security risks and vulnerabilities.

Working with TLS Profiles

  1. In the WebUI, click the Settings tab.
  2. In the left navigation pane, go to Security > TLS Profiles.

To view a TLS Profile's properties:

  1. Click the popup() icon next to the entry you want to view.
  2. When you are finished, close the window.

Helpful Tip: To delete an entry, simply select the checkbox next to the entry you wish delete, then click the Delete () icon located at the top of the window.

Creating and Modifying TLS Profiles

Comments:

"Sonus SBC 1000/2000 supports only TLS 1.0" statement is incorrect. SBC TLS Client Role supports TLS 1.0 and TLS 1.2; SBC TLS Server Role supports TLS 1.0, TLS 1.1 and TLS 1.2

Posted by rysj at Dec 17, 2014 14:21