Passing through signaling without validation is posing serious security risks to your infrastructure. Hackers embed malicious code in signaling send to the servers (SIP or DNS) and can quickly cripple a whole infrastructure. A few critical nodes are the lifeline of the service availability – they have to be protected well. The solution is to screen the requests by an Application Layer Gateway (ALG) solution. However, many ALGs are disturbing the communications by poor functioning ALGs.
SOLVING THE PROBLEM
Firewalls requires intimate knowledge of the protocols to validate it’s content and are therefore a natural replacement for dedicated ALGs. For DNS a stateful firewall is required to inspect and validating DNS packets. The firewall then offers protection from malformed packets and overload situations, and acts as an enabler for more advanced features like Wildcard FQDN Objects and DNS Intelligence.
Telephony and Multimedia applications rely heavily on IMS servers and SIP signaling. SIP Signaling is based on plain text and is easily misused by hackers sending malformed packets. A stateful firewall has to provide protection for critical voice and messaging services by acting as a b2b user agent Control all SIP transactions intimately. It can block malformed packets and overload attempts, perform Flow Access Control with conditional IP rules and authenticate request (Access Allowed/Denied). It also enables
With a service-domain firewall including control signaling validation provides a higher level of protection for DNS and IMS servers. It enables to intimately screen the content of the signaling and validate it for authenticity. The soliton will also mitigate overload situations and provides opportunity to reduction of cost by eliminating the need for dedicated signaling gateways or back-2-back user agents.
Higher level of protection
Reduction of cost
Solutions & Customers
The following solutions and customers benefit from this use-case:
SGi/Gi Firewalling – Core Security
Protecting the core network for mobile and fixed service providers
Protection of Legacy Systems
Protecting older un-updatable but critical systems from vulnerabilities
Clavister provides security for super-computing facility