Juniper Launches VoIP Security System

In a week where there has been a lot of news relating to VoIP hacking Juniper Networks has announced a system that promises to protect enterprises and service providers from attacks against VoIP systems, such as worms and denial-of-service threats.
Juniper’s Dynamic Threat Mitigation system identifies attacks on specific users or applications and blocks the attack, essentially by using policy enforcement and control. The system ensures the network stays up and is unaffected by the attack, said Dean Sheffield, Juniper voice solutions marketing manager.

“We all know how important our voice services are and how productivity is impacted when the service is out,” he said. “Ask any lawyer who gets paid on billable hours how much it hurts if their VoIP system goes down.”

With IP telephony, VoIP signaling and the voice medium itself needs to be protected so network services aren’t stolen, the network isn’t brought down or unauthorized users can eavesdrop on conversations.

Juniper’s system includes an IDP (Intrusion Detection and Prevention) traffic-processing box that identifies anomalies in traffic, such as in SIP flows, and worms and viruses. The IDP detects anomalies and notifies a SDX software application, which in turn sends policies to network devices based on user information. Predefined policy instructs SDX on what to do and sends that policy to the device.

Juniper recently demonstrated the system sending the user to a captive portal and warning them their VoIP call may be compromised. It also could be configured to drop the call completely, Sheffield said. “The advantage here is the dynamic and instantaneous remedy to the business impact,” he said.

A service provider, using SDX and IDP, could offer the system as a managed service, or an enterprise could deploy it, generally with the help of a systems integrator.

Juniper’s system would compete with various stand alone IDP and service- provisioning offerings on the market. That includes IDP boxes from Check Point and Cisco Systems and provisioning tools from Alcatel, for example.

The benefit of Juniper’s system, according to the Sheffield, is its “dynamic nature” and that it works immediately to mitigate threats and applies policy to VoIP calls in real-time.

The system requires the Juniper M-series or E-series router, IDP and SDX products.

Reader Note:
The SDX referred to here is a software package which provides a subscriber interface to the system. It houses a set of Web Services which are used to pass login information, (e.g. the username and password) down to the E-series Router. SDX will also activate services that are configured on the SDX, but activated through commands from the Everyplace Subscription Manager.

The following two tabs change content below.


Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam dignissim magna vitae dui posuere eu feugiat augue eleifend. Fusce sed tincidunt quam. Donec varius aliquam metus ut semper. Donec augue purus, feugiat interdum malesuada vel, aliquet quis massa. Nulla facilisi. Nam vel ante quam, et tincidunt dui. Maecenas venenatis libero eu nulla tincidunt et accumsan velit sodales. Nam congue mauris et felis porttitor blandit. Nam eget tempor massa. Nullam suscipit gravida eros, ac suscipit magna feugiat sit amet.

Latest posts by admin (see all)