Branch Gateway provides the following network security features:
Private secure connections can be configured between Branch Gateway and a remote peer using Virtual Private Network (VPN). VPN at the IP level is deployed using IPSec.
Protection against DoS (Denial of Service) attacks is provided through:
MSS notifications (IPv4 only). Branch Gateway identifies predefined or customer-defined traffic patterns as suspected DoS attacks and generates SNMP notifications, or Managed Security Services (MSS) notifications. Branch Gateway intercepts MSS notifications and under certain conditions forwards them to the Avaya Security Operations Center (SOC) as INADS alarms. The SOC is an Avaya service group that handles DoS alerts, responding to any DoS attack or related security issues.
SYN cookies, which protect against a TCP/IP attack.
From Release 7.0, Branch Gateway supports TLS 1.2. TLS 1.2 provides a higher level of security than earlier versions to protect users from known attacks.
The TLS protocol provides the following services to all TLS applications:
Encryption
Authentication
Data integrity
TLS certificate validation is time-zone specific based on the values administered in Avaya Aura® Communication Manager.
