Versions Compared

Old Version 5

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Avi J. Levin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This is the regular operation mode of the Ethical wall Wall and it goes works as followfollows:

  1. SIP traffic from Skype for Bussiness Business Front-End and\or Edge servers is being inspected if a cached policy is already applied to it.

  2. Check if there is a pre-existing calculation in the database cache.

    1. If not, the SIP Filter itself will calculate the policy and store it in the database cache.

    2. If the calculation requires access to internal resources (UCMA or LDAP) and the SIP Filter is running on the Edge, the SIP Filter will query the Access Admin Portal API to get the policies.

  3. SIP filter cache caches the policy locally and enforce enforces the calculated policy.

  4. The maintenance service keeps refreshing the database cache to verify validity.

...

  1. In case the communication is allowed and pre-calculated:

    1. Alice@external.com sends a message "Hello!" to bob@internal.com

    2. This reaches the Edge/Front End, Edge/Front End forwards this to the SIP Filter

    3. SIP Filter checks in the Policy Cache and sees this already has been calculated.

    4. SIP Filter returns the found policy cache, which allows the traffic to bob.

  2. In case the communication is blocked and not pre-calculated:

    1. Eve@external.com sends a message "Hey!" to Bob@internal.com

    2. This reaches the Edge/Front End, Edge/Front End forwards this to the SIP Filter

    3. SIP Filter checks in the policy cache and doesn't find an entry, thus calculates and adds the calculation result as a record in the policy cache

    4. SIP Filter returns the calculated policy, which blocks the traffic to bob.

...

This mode is designed to build a large cache in the database. While in learning more, only default policies are being enforced by the SIP filter.

...

This is due to the introduced load of calculating policies without a pre-existing cache that can hinder the normal Skype for Bussiness Business operation and generate instabilities.

...

  1.  Alice@external.com sends a message "Hello!" to Bob@internal.com

  2. This reached the Edge/Front End, Edge/Front End forwards this to the SIP Filter

  3. SIP Filter checks & returns the corresponding Default policy for this Traffic (Default external).

  4. SIP Filter inputs a new record to the Ethical wall Wall Policy Cache.

  5. The maintenance service finds the corresponding policy for this record.

  6. The maintenance service updates this cache in the database.

...