SIP ALG Resilience to DoS Attacks
Cisco IOS XE Release 3.11S
The SIP ALG Resilience to DoS Attacks feature provides
protection against Session Initiation Protocol (SIP) denial of
service (DoS) attacks. This feature supports a configurable lock limit, a
dynamic blacklist, and configurable timers to prevent DoS attacks. Network Address Translation (NAT) and zone-based policy
firewalls support this feature.
In Cisco IOS XE Release 3.11S, the SIP ALG Resilience to DoS Attacks feature is implemented on Cisco ASR 1000 Series Aggregation Services Routers, Cisco Cloud Services Routers 1000V Series, and Cisco 4400 Series Integrated Services Routers.
The following commands were introduced or modified:
alg sip processor,
alg sip blacklist,
alg sip timer,
show alg sip,
debug platform software alg configuration all,
set platform software trace forwarding-manager alg,
show platform hardware qfp feature alg statistics