Introduction
ClearIP allows you to immediately create policies that can be applied to specific calling numbers. You are not required to upload your list of calling numbers into ClearIP to create and manage policies based on calling number.
If you would like to manage policies within ClearIP and view detailed analytics based on other parameters than the calling number such as the User-Id, originating trunk group, source IP address, etc., then you can both 1) send these other parameters in the SIP Invites and 2) provision Service Providers, Groups, and Users within ClearIP.
The most useful configuration of users, groups, and service providers in ClearIP depends on how your network architecture and service are organized. The following examples describe five common network designs and how they are configured in ClearIP.
Example 1: ClearIP Users are defined by Default User
The simplest ClearIP organization defines all call sources by a Default User. If the IP address, trunk group, user ID or calling number in a SIP INVITE does not match a user defined in ClearIP, then the call will be associated with the Default User.
The following diagram illustrates a retail telephone service provider with four customers. None of the customers are explicitly configured in ClearIP. Calls from these customers will be associated with the Default User, Default Group and Default Service Provider. When new customers are added, no ClearIP configuration is needed. Calls from each new customer will be associated with the Default User.
A Default User is configured in ClearIP by leaving all the four identifier fields for the User blank (IP address, trunk group ID, user ID and calling number).
Note: The recommended best practice is to always create a Default User in ClearIP. Having a Default User ensures that every SIP INVITE from your SBC will be processed by ClearIP. If there is no Default User and a call cannot be associated with a user, the ClearIP will return a 403 Forbidden response.
In the SIP Messages, all calls are associated with the Default User, Default Group and Default Service Provider.
Creating ClearIP Policies
You can create ClearIP policies based on specific calling and called numbers. In this screenshot below of the Whitelist/Blacklist Called Countries page, policies have been created that are restricted to specified calling numbers. 
If toll fraud prevention services are enabled and ClearIP detects toll fraud, then ClearIP sends a fraud trigger alert that includes the affected calling number.
A ClearIP trigger event has occurred. Please visit https://clearip.com/trigger-event for more information.
ID: XXX
Type: Targeted Pumping By Calling Number
Action: Block
Action Time: 60 minutes
Fraud Score: 3.1335
Fraud Score Threshold: 3
Calling Number: 14045266060
Called Country: Sri Lanka
SIP Messages: https://clearip.com/sip-message?XXX
For support, please contact us at https://tickets.transnexus.com.
Sincerely,
ClearIP Fraud Department
Example 2: ClearIP Users are defined by User ID
Telephone subscriber IDs can be configured as Users in ClearIP. If a subscriber ID is included in the SIP INVITE message, the call will associated with the ClearIP User matching the Subscriber ID. This enables you to set up routing, fraud control, or analytics by User ID.
This option is especially convenient for service providers using Cisco’s Broadworks Application Server (AS) or netsapiens.
Broadworks Application Server
If you use the Broadworks User Provisioning script, then you can provision the Service Provider, Group, and User values from your Broadworks Application Server into ClearIP.
Here is an example of the SIP Messages page when the Broadworks user data has been provisioned in ClearIP. All calls are tagged with the relevant Service Provider, Group, and User which enables more useful call analytics. 
Netsapiens
If you use the Netsapiens User Provisioning script, then you can provision the Reseller, Domain, and User values from your Netsapiens into ClearIP.
Here is an example of the SIP Messages page when the netsapiens user data has been provisioned in ClearIP. All calls are tagged with the relevant Service Provider, Group, and User which enables more useful call analytics. 
Creating ClearIP Policies
You can create ClearIP policies based on any of the Service Provider, Group, User, calling or called number. In this screenshot below of the Whitelist/Blacklist Called Countries page, policies have been created that are restricted to specific Groups and Users. Policies with a specified Group but a blank User field apply to all Users defined within that Group. 
If toll fraud prevention services are enabled and ClearIP detects toll fraud, then ClearIP sends a fraud trigger alert that can include the affected ClearIP Service Provider, Group, and User.
A ClearIP trigger event has occurred. Please visit https://clearip.com/trigger-event for more information.
ID: XXX
Type: Targeted Pumping By User
Action: Block
Action Time: 60 minutes
Fraud Score: 3.1335
Fraud Score Threshold: 3
Service Provider: 3-eo2.com
Group: 136560
User: 2103387301@eo2.com
Called Country: Sri Lanka
SIP Messages: https://clearip.com/sip-message?XXX
For support, please contact us at https://tickets.transnexus.com.
Sincerely,
ClearIP Fraud Department
Example 3: ClearIP Users are defined by IP address
This diagram illustrates an enterprise with five branch offices. The branch offices are spread across four states. Each branch office has its own PBX interconnected with the Enterprise SBC. The PBXs are identified by their IP addresses.
In this scenario, each branch office is identified as a User in ClearIP by the PBX IP address. The Enterprise SBC must be configured to include the PBX IP address in the p-source-device header of the SIP Invite sent from the SBC to ClearIP.
This scenario enables you to set up routing, fraud control, or analytics by PBX IP address, state, region and more.
Example 4: ClearIP Users are defined by Trunk Group
This scenario includes a Wholesale Service Provider who has Retail Telephone Service Providers (TSPs) as customers. The Wholesale Service Provider’s SBC could be any class 4 signaling device.
Visit the Multi-tenancy section for more information about configuring ClearIP for this use case.
The following network diagram illustrates this scenario. The wholesale provider has three retail TSPs as customers. These customers are identified by their Originating Trunk Group (OTG) tags.
In this scenario, the Retail TSPs are configured as ClearIP Users identified by originating trunk group. The SBC must be configured to include the originating trunk group in the SIP INVITE sent to ClearIP. Each User could be assigned to its own Group and Service Provider. However, in this case the simplest configuration is to assign each customer to the Default Group and Default Service Provider.
This scenario enables you to set up routing, fraud control, or analytics by originating trunk group and more.
Here is an example of the SIP Messages page when the originating trunk group data has been provisioned in ClearIP. All calls are tagged with the relevant Service Provider, Group, and User which enables more useful call analytics. 
In this screenshot below of the Outbound Routes page, routing policies have been created for specific originating trunks by selecting the relevant Service Provider, Group, and User values. 
Example 5: ClearIP Users are defined by Bill To Number
This scenario includes a network of individual telephones managed by a PBX. In this case, the PBX is configured as the SBC in ClearIP and the individual telephones as ClearIP Users by calling number.
The following diagram shows the network of a Retail Business having offices in New York and California. Each ClearIP User is identified by its calling numbers. Users are grouped by office location (Groups in ClearIP). The office locations are grouped by state (Service Providers in ClearIP).
In this scenario, you could set up routing, fraud control, or analytics by phone number, office, state, and more.
