Archived TD0133: FAU_GEN.1; FIA_SIPS_EXT.1 - Auditing SIP Register Events
FIA_SIPS_EXT.1 requires that all register events be logged by the SBC. Due to the fact that SBCs sit on the internet facing edge of a network, there is potential for a great amount of SIP register events. Logging of every SIP register request makes TOEs more susceptible to SIP Register Flooding, a common resource utilization attack.
Resolution: Remove the following row in Table 1: Auditable Events
An SBC should defend against common resource utilization attacks, such as SIP Register Flooding. This has been updated in EP_SBC_V1.1.