|
Juniper Jumps On VoIP Security |
|
|
|
Written by Adam Gosling
|
|
Thursday, 27 October 2005 |
Juniper Networks has announced a a security solution for SIP-based VoIP networks.
Dubbed Dynamic Threat Mitigation the solution targets service providers offering enterprise and or residential customers IP-based network services such as VoIP.
The solution is designed to prevent session initiated protocol (SIP) attacks, worms and denial-of-service attacks from impacting SIP-based voice communications and network services.
The Dynamic Threat Mitigation solution protects against DOS attacks by allowing service providers to identify the attack on a per user or per-application basis. The attack can then be prevented quickly and effectively using a combination of policy enforcement, dynamic policy control and intrusion detection and prevention techniques.
In the case of a flood the Juniper Intrusion Detection and Prevention (IDP) systems notifies the IDP Manager which then generates requests to Juniper’s SDX (Service Deployment System) which dynamically invokes the appropriate policy to control subscriber and traffic flows as defined by the service provider. The SDX policy server can signal Juniper’s routing platform to rate limit or filter the subscriber’s traffic to protect assets and help prevent additional subscriber infection.
If the IDP product identifies that the VoIP subscriber is infected with a worm, it signals the policy server to quarantine and notify the subscriber. The policy server re-directs the subscriber to a captive portal Web page that provides notification of the VoIP attack along with Web links that provide assistance with remedying the situation. Policies are updated dynamically and allow the user to resume normal activity once their computer has been cleared.
The solution is only available to users of the Juniper M-series or E-series routers, IDP and SDX products. Existing customers using the M or E-series router, IDP or SDX products can implement the Dynamic Threat Mitigation solution by adding the additional required components.
“With more services being pushed across the IP network, it is essential to also maintain increased levels of security and control to ensure services delivered to the enterprise or residential customer are not compromised,” said Andrew Coward, CTO for Asia Pacific, Juniper Networks. “Juniper’s combined use of intrusion detection and prevention with our service deployment system is a natural and very useful progression that provides threat protection to the edge without disrupting the customer’s environment or installing new equipment at the customer location.”
Related news items Newer news items
Older news items
|
|
|
|
