VoCALL sipPROT

Providing protection for your business


Included as a key part of your VoCALL system, sipPROT provides protection from SIP attacks. Brute-force break-in attempts and Denial of Service attacks are quite frequent and an unpredictable threat. Unprotected VoIP PBX systems are very sensitive to these kind of attacks. Unlike other similar solutions, sipPROT works with LIVE SIP track, dynamically blocking/unblocking IP addresses currently threatening the system.

Why you need Sip Protection

All devices and systems connected to the internet are constantly exposed to security risks, and VoIP systems are no different. A single unprotected element can jeopardise the entire network security and stability. 


Key Features

    ADVANCED ATTACK DETECTION PATTERN RECOGNITION 

    TFTP BRUTE FORCE DETECTION 

    PROTOCOL ANOMALY DETECTION

    BLACK LIST / WHITE LIST ADMIN NOTIFICATIONS

    DYNAMIC CONFIGURATION

    DYNAMIC BLOCK/UNBLOCK OF IPS REAL TIME SIP MONITORING 


The most common types of SIP attacks are: 

    DDoS (Denial of Service Attack) 

    Brute Force Attack 

    TFTP Brute Force Attack 

    SIP Scanner Attack 

The most common consequences of SIP attacks are: 

    VoIP Service downtime 

    The possibility of password hacking 

    Direct Financial loss due to network instability 

sipPROT uses the most advanced detection techniques: 

    Pattern recognition 

    Brute Force detection

    SIP protocol anomaly detection 


How VoCALL sipPROT Works

sipPROT does constant, LIVE SIP Track monitoring. After an attack is detected, sipPROT updates the Firewall rules and blocks IP addresses from which the attack is coming, for a special amount of time. If attacks stop in a certain period of time, sipPROT unblocks that IP addresses automatically. 

This allows sipPROT to block attacks more efficiently than most other solutions. In case of an attack the sipPROT will notify administrator asap. In addition, sipPROT generates reports and sends them to the administrator every hour. 

Black/White List 

Users are able to place a specific IP addresses on a Black list (blocking them out permanently) or on a White list (allowing unrestricted access).