Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1455
Views
0
Helpful
3
Replies

about MCID ( Malicious Call ID )

nivanak
Level 1
Level 1

‎03-22-2012 08:16 PM - edited ‎03-16-2019 10:16 AM

hi !

we want to block Malicious Call from user's ip phone.

from cucm manual , i saw MCID feature.

but i have a question. after user pressed Malicious Call softkey , will cucm block Malicious call was pressed by user ?

thanks.

Labels:
0 Helpful
3 Replies 3

anchoudh
Level 9
Level 9

‎03-22-2012 08:27 PM

Hi Nivanak,

Using the Malicious Call ID Feature with Cisco Unified CallManager:

The MCID feature provides a useful method for tracking troublesome or threatening calls. When a user

receives this type of call, the Cisco Unified CallManager system administrator can assign a new softkey

template that adds the Malicious Call softkey to the user’s phone. For POTS phones that are connected

to a SCCP gateway, users can use a hookflash and enter a feature code of *39 to invoke the MCID feature.

When the MCID feature is used, the following actions take place:

1. The user receives a threatening call and presses the Malicious Call softkey (or enters the feature code

*39).

2. Cisco Unified CallManager sends the user a confirmation tone if the device can play a tone—and a

text message on a phone that has a display—to acknowledge receiving the MCID notification.

3. Cisco Unified CallManager updates the CDR for the call with an indication that the call is registered

as a malicious call.

4. Cisco Unified CallManager generates the alarm and local syslogs entry that has the event

information.

5. Cisco Unified CallManager sends an MCID invocation through the facility message to the connected

network. The facility information element (IE) encodes the MCID invocation.

6. After receiving this notification, the PSTN or other connected network can take actions, such as

providing legal authorities with the call information.

You can refer the CUCM admin guide for more information.

Hope it helps.

Anand

Please rate helpful posts..

0 Helpful

nivanak
Level 1
Level 1
In response to anchoudh

‎03-22-2012 10:02 PM

hi !

thanks for ur answer.

but, can i  block Malicious Call with MCID ?

i read it, already but i do not understand flow after registered as malicious call. 

0 Helpful

anchoudh
Level 9
Level 9
In response to nivanak

‎03-22-2012 11:24 PM

Hi Nivanak,

Blocking incoming calls from MGCP

Method 1: (if you are using the MGCP gateway)

Blocking Particular Incoming call

Example: You need to block 0431183951

Gateway Incoming CSS: PSTN_CSS

Phones CSS: Phone_CSS

Make a new partition: Block_Partition

Add this new Partition to the Gateway CSS

I.e: PSTN_CSS---- Block_Partition

Make a Translation Pattern: 0431183951

Put in the Partition Block_Partition

Choose the "Block This pattern" option.

Restart all the devices.

Explanation:

Call comes into the gateway with Calling Info: 0431183951 The TP are searched first, the gateway see that the Block_Partition is the PSTN_CSS, so will send the call to TP. The TP matches the number, then blocks the calls. But if some other number comes in, the TP will not match and route the call.

But because most of times outgoing calls to 0431183951 should be allowed, we are not adding the phone partition to the TP and also not adding the Block_partition to Phone_CSS.

================================================================

Method 2: (If method 1 not working properly)

starting from callmanager 4.0 or above, our development introduced a new feature Malicious Call Identification.

Malicious Call Identification :

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00801ed117.html

When the MCID feature is used, the following actions take place:

1. The user receives a threatening call and presses the Malicious Call softkey (or enters the feature code *39).

2. Cisco CallManager sends the user a confirmation tone if the device can play a tone—and a text message on a phone that has a display—to acknowledge receiving the MCID notification.

3. Cisco CallManager updates the CDR for the call with an indication that the call is registered as a malicious call.

4. Cisco CallManager generates the alarm and event log entry that has the event information.

5. Cisco CallManager sends a MCID invocation through the facility message to the connected network. The facility information element (IE) encodes the MCID invocation.

6. After receiving this notification, the PSTN or other connected network can take actions, such as providing legal authorities with the call information.

Hope it helps,if it doesn't work then you need to call the service provider (Telco) to block that specific incoming number.

===========================

Hope it helps.

Please don't forget the rate the helpful posts, by clicking on the stars below the helpful answer and mark as answered if it has answered your queries.

Thanks,

Anand

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents