Providing all important layers of SIP security.
Solid firewalls have deep packet inspection (DPI) capability, which gives Ingate the ability to look at Layer 2 through Layer 7 of the OSI model. As the SIP protocol is an application layer (Layer 7) in the OSI model, some products have a unique ability to evaluate the SIP protocol packets and provide non-protocol compliance rules, routing rules and policies. Deep packet inspection also provides an important layer of security.
How else does a proper plan ensure security for SIP applications?
Products which strictly adhere to the SIP protocol, look specifically for SIP compliancy. If there is a failure of SIP protocol compliance, the Ingate will use SIP components such as its full SIP proxy and SIP B2BUA to correct or discard SIP traffic to resolve compliancy issues.
Such products can also apply policies to correct SIP non-conformances in various applications such as:
Removal of VIA Headers
SIP Method Processing Rules
MIME Content Filtering
SIP Offer / Answer Call Flow
Escaped Whitespace Rules
SIP Method Authentication
URI Encoding
Session Timers
180 Response Removal
Username Checks
Limitation of Media Streams
Better Reliability
UDP Packet Size
Limitation of RTP Codecs
and so much more!
Depending on the nature of the failure to adhere to the protocol, the Ingate can also invoke a denial of service.