BorderWare has unveiled a new application-level firewall, SIPassure, which it claims is the first firewall to protect against Voice over Internet Protocol (VoIP) security exploits.
As the take-up of VoIP increases, individuals or businesses that reply on VoIP for all of their phone calls potentially leave themselves open to being cut off from an inconsistent service from the ISP and potentially malicious hack attacks. SIPassure hopes to address the latter.
Announcing the product at the annual DEMO conference in the US, the SIP-based technology is designed to protect VoIP communications from hackers, spoofers, phishers and other malicious threats.
With VoIP proving attractive to both consumers and businesses (nearly one out of five US Internet users saying they are likely to upgrade their traditional phone service to VoIP), industry vendors and researchers have begun to sound the alarm bells that VoIP is vulnerable to a number of potentially disastrous security exploits.
“With SIP, your firewall is like a Swiss cheese,” says Jean-Louis Previdi, senior vice president and research director, EMEA Meta Group. “For SIP to work effectively, you have to open all ports of the firewall, so the protocol can browse and choose a port to initiate a session, which compromises security.”
In response, vendors have formed the VoIP Security Alliance (VOIPSA) to raise awareness, offer research and product security testing.
“As the VoIP revolution unfolds, users need to be aware of the many exploits that could compromise their next Internet call,” says Chris Shipley, DEMO executive producer.
“BorderWare’s VoIP security technology guards against many of the pitfalls associated with the adoption and deployment of this new communications technology. BorderWare’s SIPassure has the potential to make VoIP a safe option for everyone,” he adds.
BorderWare claims to protect users against Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks that can eat up large amounts of bandwidth in a VoIP network.
There’s also security against eavesdropping and “man-in-the-middle” attacks that allows hackers to become part of a VoIP call without the communicating parties knowing someone is listening.
The software also offers protection from Call Redirection, which enables a hacker to automatically call-forward a connection to their system as well as providing protection against Malicious Calling, VBombing and VoIP Spam, which are attacks that flood the receiver with hundreds of false voice mails within seconds.
Finally, SIPassure also claims to keep users safe Fake Caller ID, in which a hacker can masquerade as a trusted person making legitimate voice calls to an unsuspecting patron.
John Alsop, Chairman, BorderWare explains the risks:
“While the industry works to secure voice communications at the transport layer with VPN-type encryption, hackers are developing tools that attack Internet calls at the application layer, gaining unauthorized access to a VoIP connection.”
“To protect VoIP communications at the application layer you need a SIP firewall that is able to authenticate the user attempting to make a connection and to provide systems administrators with the ability to easily set and enforce their VoIP security policies.”