The release of Acme Packet ECZ730m1 software introduces the ACLI command fraud-protection. This allows the SBC to store multiple black lists, white lists, SIP redirect lists, and rate limit entries for fraud prevention and call control. Multiple lists may exist where entries are stored in separate XML files.

Lists (XML files) may be initially created through the command line (ACLI) or web interface. If the preference is to manage lists manually then once a list is created it will need to be downloaded and the XML file(s) edited with a text editor, similar to managing Local Route Tables (LRT). Otherwise, all entries may be added, modified, or deleted using the web interface.

Below is an example of the GUI configuration elements for managing fraud-protection











Below is an example of creating a new fraud-protection XML file in the ACLI called test.xml

In the example below, the Whitelist section permits all calls based on the From header matching through the realm called peer, as well as calls to based on the To header specific UK phone number on any realm (the * is a wildcard for all realms) . The Blacklist section rejects calls based on a variety of criteria. Note that even though calls are blocked to +44 based on the To header, calls to +441189240000 are permitted since this is a more specific match in the Whitelist.

The command show fraud-protection all will shoe whether fraud definitions and whether any matches exist


The command show fraud-protection stats show a summary version of matches








  1. Gonzalo says:

    Hi Mark,

    Do you know if this release is going to be available for the NN 3820? The release notes for the ECZ740 don’t include it.


  2. Adam says:


    Can you use the LRT to manipulate digits? Our carrier can deliver toll free numbers to our system as 00000-2XX-XXX-XXXX and we want to replace the 00000-2 with just 8. For example, toll free number 800-444-44444 would be delivered to us as 00000-200-444-4444, and we would change that to be just 800-444-4444. But we’d want to wildcard the conversion, we don’t want to enter and convert every inbound number, just remove the 00000-2 and replace it with 8.


  3. Craig says:

    Adam – you could do that easily with an HMR. Do a manipulate on your To header or Request-URI and use a regex pattern to search for the 00000-2(.*) and replace with 8+$headerrulename.$elementrule.$2 … or something to that effect. sip-manipulations are insanely powerful.