SIP Proxy: Possible attack by partners with an untrusted root certificate. Monitor

  • ID:  Microsoft.LS.2015.Monitoring.UnitMonitor.TimerResetEvent.AccessEdge.SIPPROXY_E_UNTRUSTED_CERTIFICATE_ATTACK
  • Description:  SIP Proxy: Possible attack by partners with an untrusted root certificate.
  • Target:  Access Edge Component
  • Enabled:  Yes

Operational States

Name State Description
Success state for Monitor 'SIP Proxy: Possible attack by partners with an untrusted root certificate.' Success  
Error state for Monitor 'SIP Proxy: Possible attack by partners with an untrusted root certificate.' Error  

Alert Details

Monitor State Message Priority Severity Auto Resolution
Error state for Monitor 'SIP Proxy: Possible attack by partners with an untrusted root certificate.' (Error) [Skype] The Access Edge Server has detected a large number of TLS negotiation attempts from federated partners with a TLS certificate that is chained to an untrusted root. Medium Critical Yes

Run As Profiles

Name
Default

Monitor Knowledgebase

Summary

The Access Edge Server has detected a large number of TLS negotiation attempts from federated partners with a TLS certificate that is chained to an untrusted root.

Causes

The server is likely under attack.

Resolutions

It is recommended that connections from these partners be blocked at the firewall.

External References
This monitor does not contain any external references.

See Also for Lync Server 2015 Monitoring Management Pack


Downloads for Lync Server 2015 Monitoring Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED