Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Live mode

This is the regular operation mode of the Ethical wall and it goes as follow:

  1. SIP traffic from Skype for Bussiness Front-End and\or Edge servers(depending on the configuration) is being inspected if a cached policy is already applied to it.

  2. Check if there is a preexisting calculation

    1. the traffic is being redirected to the Maintenance service on the Admin Portal If there is no pre-existing cache.

      1. The Maintenance Service calculates and caches the rules for future calculations and returns the policy back to the SIP Filter

  3. SIP filter cache the policy locally and enforce the calculated policy.

Examples:

  1. In case the communication is allowed and precalculated:

    1. Alice@external.com sends a message "Hello!" to bob@internal.com

    2. This reaches the Edge/Front End, Edge/Front End forwards this to the SIP Filter

    3. Sip Filter checks in the Policy Cache sees this already has been calculated by the Maintenance service

    4. Sip Filter returns the found policy cache, which allows the traffic to bob.

  2. In case the communication is blocked and not precalculated:

    1. Eve@external.com sends a message "Hey!" to Bob@internal.com

    2. This reaches the Edge/Front End, Edge/Front End forwards this to the SIP Filter

    3. SIP Filter checks in the policy cache and doesn't find add, thus calculates and adds the calculation result as a record in the Policy cache

    4. SIP Filter returns the calculated policy, which blocks the traffic to bob.

Learning Mode

This mode applies calculation and caching for the configured policies however only the Default policies are being enforced by the SIP filter.

It is recommended to maintain this mode during a fresh deployment in order to establish a comprehensive enough cache.

This is due to the introduced load of calculating policies without preexisting cache can hinder the normal Skype for Bussiness operation and generate instabilities.

Example of the operation during Learning Mode:

  1.  Alice@external.com sends a message "Hello!" to Bob@internal.com

  2. This reached the Edge/Front End, Edge/Front End forwards this to the SIP Filter

  3. Sip Filter checks & returns the corresponding Default policy for this Traffic (Default external)

  4. Sip Filter inputs a new record to the Ethical wall Policy Cache

  5. Maintenace service checks the new Policy cache entry

  6. Maintenance service finds the corresponding policy for this cache

  7. Maintenance service updates this cache in the database.

  • No labels