Juniper Networks has announced a network security solution designed to defend voice over IP (VoIP) systems from session initiation protocol (SIP)-based attacks.
The Dynamic Threat Mitigation solution brings Juniper's routers and intrusion detection and prevention (IDP) systems with its service deployment system (SDX) to create a single unified security solution. The solution mitigates SIP-based denial of service (DoS) attacks and worms by allowing enterprises and providers to identify and respond to them individually.
Juniper's IDP system identifies potential threats to the centralized IDP Manager, which generates requests for action to the SDX. The SDX invokes the appropriate response, applying rate limits and filters on traffic flows. In the event that the IDP system detects an actual infection, the SDX policy server can quarantine and notify the affected user, redirecting him to a captive web portal
"With more services being pushed across the IP network, it is essential to also maintain increased levels of security and control to ensure services delivered to the enterprise or residential customer are not compromised," Juniper Networks senior marketing manager of voice solutions Scott Heinlein said. "Juniper's combined use of intrusion detection and prevention with our service deployment system is a natural and very useful progression that provides threat protection to the edge without disrupting the customer's environment or installing new equipment at the customer location."
Juniper's Dynamic Threat Mitigation solution is being demonstrated today and tomorrow at the Internet Telephony Conference and Expo in Los Angeles. It requires Juniper's M-series or E-series router, IDP and SDX products, and is available today.