Please enable JavaScript in your browser for better use of the website!

Control Signaling Validation

THE PROBLEM

Passing through signaling without validation is posing serious security risks to your infrastructure. Hackers embed malicious code in signaling send to the servers (SIP or DNS) and can quickly cripple a whole infrastructure. A few critical nodes are the lifeline of the service availability – they have to be protected well. The solution is to screen the requests by an Application Layer Gateway (ALG) solution. However, many ALGs are disturbing the communications by poor functioning ALGs.

SOLVING THE PROBLEM

Firewalls requires intimate knowledge of the protocols to validate it’s content and are therefore a natural replacement for dedicated ALGs. For DNS a stateful firewall is required to inspect and validating DNS packets. The firewall then offers protection from malformed packets and overload situations, and acts as an enabler for more advanced features like Wildcard FQDN Objects and DNS Intelligence.

Telephony and Multimedia applications rely heavily on IMS servers and SIP signaling. SIP Signaling is based on plain text and is easily misused by hackers sending malformed packets. A stateful firewall has to provide protection for critical voice and messaging services by acting as a b2b user agent Control all SIP transactions intimately. It can block malformed packets and overload attempts, perform Flow Access Control with conditional IP rules and authenticate request (Access Allowed/Denied). It also enables

THE RESULT

With a service-domain firewall including control signaling validation provides a higher level of protection for DNS and IMS servers. It enables to intimately screen the content of the signaling and validate it for authenticity. The soliton will also mitigate overload situations and provides opportunity to reduction of cost by eliminating the need for dedicated signaling gateways or back-2-back user agents.

1

Higher level of protection

2

Reduction of cost

3

Business continuity

Check all our Use Cases! Download the booklet

DOWNLOAD BOOKLETALL USE CASES

Products

The following Clavister products are capable of providing this use case.

Clavister NetShield S10 Pro

Clavister NetShield P40 Pro

Clavister NetShield Virtual Series

Solutions & Customers

The following solutions and customers benefit from this use-case:

SOLUTION

SGi/Gi Firewalling – Core Security

Protecting the core network for mobile and fixed service providers

SOLUTION

Protection of Legacy Systems

Protecting older un-updatable but critical systems from vulnerabilities

SUCCESS STORY

CASPUR

Clavister provides security for super-computing facility

Get in touch! It will only take a minute

CONTACT USFIND RESELLER