SIPassure provides comprehensive protection against a wide variety of threats using a range of controls, including unique session profiling technology that prevents spam and Denial-of-Service attacks. It secures critical VoIP and other SIP applications by providing a layered approach to security.
At the network level, it applies Stateful Inspection and Packet Filtering policies to all traffic flowing between the SIP infrastructure and any of its users, ensuring that only legitimate traffic is allowed to reach any device. It hides the details of the network, keeping crucial information away from hackers. It prevents network level Denial-of-Service attacks, and protects all systems and endpoints from buffer overflows and other packet based vulnerabilities.
At the protocol level, application proxies inspect all SIP and RTP packets to ensure that they conform to protocol specifications. Advanced checks and balances are applied to ensure that only legitimate signaling and media flows are processed and allowed through. It protects the infrastructure from protocol based Denial-of-Service attacks, Malformed messages, Registrar hijacking and other potential service interruptions. It protects users from a number of threats including Session hijacking, Impersonation, Transfer attack and many more.
At the application level, it implements advanced policy filters and controls along with application behavior analysis to protect against threats such as Directory Harvesting and Spam over Internet Telephony (SPIT). It supports message authentication and authorization, blacklisting by IP address, domain or user, and unique reputation services to block unwanted messages before they reach the infrastructure or the endpoints.
By providing a layered approach to security, SIPassure is able to protect both the SIP infrastructure and its users from attacks that can compromise service quality and availability. |
