Most attacks targeting VoIP infrastructure make use of the signaling technologies. SIP is the most common signaling protocol used for VoIP communications, so an application-level firewall is required to protect the system. Netaş VoIP Firewall was designed to fulfill this requirement. Netaş VoIP Firewall not only detects anomalies and prevents attacks, but also detects and prevents VoIP fraud such as toll fraud and premium rate service fraud.
Nova V-GATE is a modular, high-performance VoIP application-level firewall for corporations that provide and use new-generation IP-based communication services. It is designed to counter attacks that cause great damage, including deactivation of services as well as revenue and reputation loss. The Nova V-GATE attack prevention system protects servers providing VoIP communication against known and unknown attacks. It is the first domestic firewall that prevents a broader range of attacks than its international competitors, and it includes different detection and prevention methods for toll fraud.
Today communication service providers suffer from various attacks and fraud methods, and Nova V-GATE detects and prevents these without any drop in voice traffic. Known threats are prevented with almost real-time signature- and rule-based algorithms, while unknown threats are detected and prevented with machine learning and statistical data analysis methods developed in partnership with Boğaziçi University. Its simple and convenient interfaces, flexible alarm and integration capabilities, and strong reporting capabilities assure service providers and corporate customers using Nova V-GATE that voice communication is performed securely and that revenue losses are prevented.
Some of the highlights of our solution are as follows:
V-GATE is a modular, transparent, high-performance VoIP firewall aimed at protecting VoIP systems from costly, damaging attacks by preventing known and unknown application-layer attacks such as toll fraud, premium rate services, DoS/DDoS/TDoS, brute force, and fuzzing.
The IDS will detect intrusion attempts made against the SIP Server and issue a detection result based on the thresholds and rules provided by the V-GATE Administrator via the V-GATE User Interface.
The IPS will generate an IPS rule based on the detection result generated by the IDS. This rule will be applied to all incoming calls, resulting in a reject or drop verdict based on the IDS rule. The V-GATE Administrator can modify and disable the verdict via the RESTful web-service interface. Depending on the IDS rule, the IPS is also able to terminate ongoing calls if required.
Nova V-GATE has a fuzzing detection and prevention module. Its detection methods can be configured from the web-based user interface.
The Policy Controller module is designed to provide a rule-based system in V-GATE for applying different firewall rules to SIP endpoints. This module has a web interface for creating firewall rules and making decisions based on the created rule structures. Each Rule is defined to look for a specific source, destination, call direction, type of call, call attributes, and/or specific call times. A call must match all of the parameters in the Rule before it is considered to match the Rule. When all of the parameters of a Rule match, the module decides to allow or terminate the call.
Prevents DoS/DDoS attacks against SIP-based systems that use SIP methods including INVITE, REGISTER, OPTIONS, CANCEL, and BYE.
The SIP Anomaly Detection module aims to prevent protocol-specific attacks that can affect the SIP server protected by V-GATE.
Generic group-based profiling submodules aim to create IP- or user-based groups so that firewall rules can be applied in a flexible manner. They will be used by modules such as SIP anomaly detection, policy controller, IDS, and fuzzing.
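The all-parameters-must-match logic described for the Policy Controller can be sketched as follows. This is an added example, not V-GATE code: the Call and Rule field names, the first-match ordering, the default verdict, and the sample rule are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

@dataclass(frozen=True)
class Call:  # constructed call record; field names are assumptions
    source_ip: str
    destination: str
    direction: str
    call_type: str
    start: time

@dataclass(frozen=True)
class Rule:  # None means "parameter not set", so it is not checked
    action: str
    source: Optional[str] = None
    dest_prefix: Optional[str] = None
    direction: Optional[str] = None
    call_type: Optional[str] = None
    window: Optional[Tuple[time, time]] = None

    def matches(self, call: Call) -> bool:
        checks = []
        if self.source is not None:
            checks.append(ip_address(call.source_ip) in ip_network(self.source))
        if self.dest_prefix is not None:
            checks.append(call.destination.startswith(self.dest_prefix))
        if self.direction is not None:
            checks.append(call.direction == self.direction)
        if self.call_type is not None:
            checks.append(call.call_type == self.call_type)
        if self.window is not None:
            begin, end = self.window
            t = call.start
            # a window such as 22:00-06:00 wraps past midnight
            checks.append(begin <= t < end if begin <= end else (t >= begin or t < end))
        return all(checks)

def decide(rules, call, default="allow"):
    # first matching rule wins; unmatched calls get the default (both assumptions)
    for rule in rules:
        if rule.matches(call):
            return rule.action
    return default

# constructed rule: terminate outbound premium-rate calls from 10.0.0.0/8 at night
NIGHT_PREMIUM = Rule("terminate", source="10.0.0.0/8", direction="outbound",
                     call_type="premium", window=(time(22, 0), time(6, 0)))
```

A call that differs from the rule in any single parameter, such as the same premium-rate call placed at noon, falls through to the default verdict.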