This feature can be selectively configurable for each SIP Profile. You can turn on Strict Security on external SIP Profile and leaving it disabled on all internal SIP Profiles where security is less of a concern.
Please note that this mode should be disabled on MSBG SIP profile with IP starting with 127.
SIP Trunking with Strict Security mode
To enable Strict Security mode for a SIP Profile:, access the following web UI page on your SBC and change Strict Security to "enable".
Existing ACL inbound will be effective for Strict Security. To modify this ACL list, go to the Authentication section in the same SIP Profile configuration page and add/Remove ACL list to "ACL for Inbound Calls".
If you want to create a new ACL list, please point your browser to /SAFe/fs_acl_config.