SIP Threat Manager

As a administrator, you are responsible for securing your phone system. On average, an attack costs several thousands of US dollars. Our STM is installed in front of any SIP based PBX or gateway offering several layers of security against numerous types of attacks. Block specific IPs or countries, protect your PBX against hackers trying user names and passwords, someone is trying to flood your PBX with a DDos attacks? No problem!

Using the SNORT based Real Time Deep packet inspection engine, our STM analyzes each SIP packet going to your phone system, identifies the malicious and abnormal ones blocking the originating IP. See more features below: (Please read the feature list, see the video and get access to the STM user interface for the complete user experience)

The appliance has been made to seamlessly integrate with the existing network infrastructure and reduces the complexity of deployment.

 

 

Features

Key Features

  • Analyze SIP packets using the Snort based Real time Deep Packet inspection engine
  • SIP Protocol Anomaly detection with configurability of detection parameters
  • Detection and Prevention of the following categories of SIP based Attacks
    • Reconnaissance attacks (SIP Devices Fingerprinting, User enumeration, Password Cracking Attempt)
    • Dos/DDos Attacks
    • Cross Site Scripting based attacks
    • Buffer overflow attacks
    • SIP Anomaly based attacks
    • 3rd Party vendor vulnerabilities
  • Toll Fraud detection and prevention
  • Protection against VOIP Spam & War Dialing
  • Attack response includes the option for quietly dropping malicious SIP packets to help prevent continued attacks
  • Dynamic Blacklist Update service for VOIP, SIP PBX/Gateway Threats
  • Configurability of Blacklist/Whitelist/Firewall rules
  • Support for Geo Location based blocking
  • Provide the option to secure against PBX Application vulnerabilities
  • Operate at Layer 2 device thus transparent to existing IP infrastructure - no changes required to add device to your existing network
  • Web/SSL based Device Management Access which will allow to manage the device anywhere from the Cloud
  • Ability to restrict the device management access to specific IP/Network
  • Provide System Status/Security events logging option to remote syslog server
  • Provides the SIP throughput upto ~10Mbps
  • Support for Signature update subscription and automated signature update mechanism
  • The device has been made to operate with default configuration with just powering on the device. No administrator intervention is required to operate the device with default configuration
  • USB based power supply
  • Optional support for security events logging on the USB based storage

Target Applications

Target Applications

  • Voice-over Internet Protocol (VoIP) Services
  • IPPBX/ VOIP Gateway security

Tech Specs

Tech Specs

Functional Mode Transparent Firewall with SIP Deep Packet Engine
SIP Intrusion/Prevention ~400+ SIP Attack Signatures Support
Throughput ~10Mbps
No of Concurrent Calls Supported 50 concurrent calls
Logging Local Security Event Console, Remote Syslog
Device Management Web GUI via Https & SSH CLI
Hardware MIPS based 32bit Processor Single core, 300MHz
Primary Storage 16 MB Flash
RAM 64MB
Secondary Storage USB Storage devices support for logging (Optional)
Interfaces Two Fast Ethernet Interfaces

Physical & Environmental

Operation Temperature 10°C to 40°C (50 F to 104 F)
Storage Temperature 0°C to 50°C (32°F to 122°F)
Operating Humidity 10% to 90%, Non-condensing
Storage Humidity 5% to 95%, Non-condensing
Dimensions 170mm X 140mm X 34mm
Weight 320gms
Power Input 05V DC / 2.0 A