Subex SIP Security solution protects the network from outside attacks and abuse. Our solution will protect you from these threats and attacks before they cause any damage to the network or the user with our multi-layered security mechanism.
SIP Stateful Systems
Apart from analyzing the event as the call initiation happens, our solution is also stateful in nature, keeping track of every request and the response received. This enables tearing down the call as it is happening (in near-real time) based on any abnormality in the state of the call.
58,400 unique threat intelligence signatures are gathered from our global honey pot infrastructure deployed in 66 different locations worldwide. We collect information based on geolocations, IP addresses, high-risk destinations, agents used in the attacks, and various other attack vectors. We make use of deep packet inspection to generate the signatures.
Over 3000 pre-configured rules and the threat intelligence from the global honey pot infrastructure is fed into our system to detect known attacks and reduce fraud run-time significantly.
ML-Based Anomaly detection
SIP attacks are constantly evolving. Machine learning provides a number of possibilities for the detection of new SIP attacks and threats. It can help detect new malformed SIP messages, the correlation between different attack types, and abnormal behavior with respect to origination & termination calls.
Main fraud and security attacks addressed by our solution
SBCs are network elements that exert influence over the data flows of sessions. They provide valuable security and often other key functionality such as session management. However, a more sophisticated approach to SIP security is needed. We need to adopt a comprehensive approach in which the SBC while playing an important part, is one of several defenses. A comprehensive approach to SIP security is required and goes beyond reliance on SBCs.
On the other hand, firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules. However, it is static in nature, identifying known attacks based on IP addresses and other static parameters. Also, it lacks contextual information regarding the SIP traffic. The need of the hour is to have a more dynamic fraud detecting and preventing mechanism.