SOLVING THE PROBLEM
Firewalls requires intimate knowledge of the protocols to validate it’s content and are therefore a natural replacement for dedicated ALGs. For DNS a stateful firewall is required to inspect and validating DNS packets. The firewall then offers protection from malformed packets and overload situations, and acts as an enabler for more advanced features like Wildcard FQDN Objects and DNS Intelligence.
Telephony and Multimedia applications rely heavily on IMS servers and SIP signaling. SIP Signaling is based on plain text and is easily misused by hackers sending malformed packets. A stateful firewall has to provide protection for critical voice and messaging services by acting as a b2b user agent Control all SIP transactions intimately. It can block malformed packets and overload attempts, perform Flow Access Control with conditional IP rules and authenticate request (Access Allowed/Denied). It also enables
With a service-domain firewall including control signaling validation provides a higher level of protection for DNS and IMS servers. It enables to intimately screen the content of the signaling and validate it for authenticity. The soliton will also mitigate overload situations and provides opportunity to reduction of cost by eliminating the need for dedicated signaling gateways or back-2-back user agents.
Higher level of protection
Reduction of cost
The following Clavister products are capable of providing this use case.
Solutions & Customers
The following solutions and customers benefit from this use-case: