The most common consequence of this kind of
network attack are:
• VOIP service downtime
• The possibility of password stealing
  (SIP registration)
• Direct financial loss due to network unstabillity

  sipPROT prevent those scenarios from happening.

Advanced attack detection
To detect SIP attacks, sipPROT uses 
the following advanced detection techniques:
• Pattern recognition
• SIP Scanners protection
(immediately blocking known SIP scanners)
• TFTP brute force protection
• SIP protocol anomaly detection

How it works

sipPROT does constant LIVE SIP Traffic monitoring. 
After an attack is detected, sipPROT updates the firewall rules
and blocks IP addresses from which the attack is coming,
for a specific amount of time. If attacks stop in a certain
period of time sipPROT unblocks that IP addresses automatically.
This allows sipPROT to block attacks more efficiently then most other solutions.

Benefits
• Protects your network from intrusions
• Potects from SIP Scanner attacks
• Protects from SIP DoS attacks
• Prevents posible network destabilization
• Saves PBX resources by preventing attacks
• Protects your customers and your money

Database
sipPROT provides easy
access to informations like:
• List of IPs in Black list
• List of IPs in White list
• List of IPs blocked by sipPROT

Standard Features
• LIVE SIP Traffic Monitoring
• Advanced SIP register protection
(separate blocktime and hitcount values)
• SIP Invite protection
• Advanced detection technics
• Dynamically block/unblock IPs
• Configurable Black list of IPs
• Configurable White list of IPs
• Dynamic configuration
(no need to restart after any configuration change)
• Permanent block treshold