VoIPguard VoIP Intrustion Prevention System

By: Voipshield  09-12-2011
Keywords: Voip, Voice over IP, Voice Over

VoIPguard™ is the industry's first Enterprise VoIP Intrusion Prevention System (VIPS) with comprehensive protection for Voice over IP systems from the leading VoIP vendors.  VoIPguard  provides effective protection against known and new attacks aimed at compromising the security of VoIP networks.

By deploying VoIPguard, enterprises, carriers and service providers can:

  • maintain VoIP quality of service, reliability and security at the levels comparable to existing circuit-switched voice
  • protect against known and zero-day attacks and threats
  • assure VoIP networks are in compliance with internal and government regulatory agencies

The VoIPguard VIPS uses a combination of signature-based and anomaly-based inspection methods to stop attacks before they penetrate your VoIP network.  The signature database is constantly updated through the VoIPshield Update service, so VoIPguard is always able to detect the most recently-discovered exploits.  Years of research by VoIPshield Laboratories, the research division of VoIPshield Systems, has yielded the industry's most comprehensive database of known attack signatures.  These attacks are specific to VoIP, and therefore cannot be detected and stopped by traditional data security products.

The VoIPguard appliance is easily deployed in-line, and can either actively modify or passively monitor the voice traffic flow, all under user control.  It protects a VoIP PBX/softswitch from specific attacks originating from external sources through SIP/H.323 trunks or from internal users utilizing hard and soft-phones.

Network attacks can be only be stopped with certainty if their signatures are known.  No matter how many gigabits of data the IPS can process, without knowing what to look for it is not able to stop the attacks.  This is why traditional data security systems are not effective for VoIP.  Public domain knowledge of VoIP threats is minimal, so few signatures exist.  VoIPshield Labs Security Research Group has conducted extensive VoIP security research and has created the industry's largest database of VoIP-specific signatures.  These signatures are used to precisely detect VoIP security threats and block them before they inflict damage, minimizing the time and costs associated with security breaches.

Previously undiscovered attacks that are not covered by the VoIPshield signature database are stopped by VoIPguard's unique zero-day detection module.  It uses proprietary anomaly based and behavioral based detection technology to catch malicious activity.


  • Multiple detection techniques including rule based detection engine utilizing extensive set of VoIP specific signatures and behaviour related events. Zero-day detection module provides signatureless anomaly detection and blocking/throttling for both standard (SIP, H.323, RTP) and proprietary (Skinny, UNISTIM) based VoIP solutions.
  • Web-based interface allows for authorized access to the system from any location.
  • Three operational modes -
    • Stealth VIPS with packet drop
    • VIPS with packet rejection
    • Intrusion Detection mode (passive)
  • Flexible security events aggregation. Based on the event frequency only a single instance of the same event is presented. It significantly lowers overall number of the same events that user have to analyse.
  • Rules and signatures management allows the system administrators precisely manage signatures to comply their security policies.
  • Zero-day anomaly detection engine with three predefined modes for precise balance between protection and false/positives.
  • Intuitive user interface for signature management. It provides an easy way for tuning VoIPguard signature configuration to match user requirements. Signatures are logically divided into groupings based on the vendor and type of attacks. Extensive descriptions including severity, technical, detailed description, potential impact and attack vector are provided for all signatures.
  • Historical reporting including long-term security event trends, top 5 attack sources, top 5 exploit destinations and top 5 mitigated exploits. In addition a user can easily change the time periods for all these reports providing added flexibility in analysing historical trends and events. All the information is presented in tabular and graphical formats.
  • Real-time reporting provides both exploit and event reporting. Rich in details these reports give the operator at-a-glance view of the current security events and exploits blocked by VoIPguard with the wealth of data needed to quickly assess frequency and impact of the attacks and exploits. Sophisticated filtering capabilities provide users with quick way to focus on most important information without the need to analyse thousands of irrelevant events. All the information is available in tabular and graphical formats.
  • User and group management allows the system administrator efficiently control access to the VoIPguard resources and functionality
  • Advanced signature and software update functionality keeps the signature database in synch with VoIPshield signature database that is being constantly updated reflecting the latest research results from world leading VoIPshield Research Lab.
  • Full featured on-line Help.
  • High Availability and Redundant hardware configuration are available for mission critical environments.


  • Comprehensive protection against VoIP specific threats and attacks. VoIPguard™ provides accurate and reliable protection of VoIP infrastructure from internal and external security attacks.
  • Highest detection rate. Industry most extensive database of VoIP specific signatures and rules constantly updated by world-class VoIP security research team. The zero day attacks are detected and stopped by behaviour detection engine.
  • Easy to use. Web based user interface provides all the necessary functionality to configure, administer and monitor VoIPguard™ appliance.
  • Always up-to-date. Controlled updates to VoIPguard™ rules and signatures through VoIPshield update mechanism.
  • Easy access to vital information. Comprehensive real-time log viewer and extensive reporting provide all the information needed by IT security and telecommunication staff to keep VoIP network secure.



Keywords: Research Division, Voice Over, Voice over IP, Voip, Voip Networks, VOIP SECURITY,

Other products and services from Voipshield


VoIPmonitor PBX Monitoring | VoIPshield Systems Inc

VoIPmonitor empowers VoIP PBX administrators to forward selected events in real-time to destinations such as in-house Network Operations Centers, Network Management Systems and Operational Support Systems without impacting the existing local administration processes. Sophisticated event filtering enables the administrators to choose the events that matter to them minimizing the impact on the NMS/OSS and network bandwidth.


VoIPshield Products | VoIPshield Systems Inc

In addition, many new protocols and products make up the VoIP infrastructure, which traditional security products and approaches are not designed to protect. VoIP networks and devices are vulnerable to unique security threats and exploits, because of the real-time nature of the traffic. VoIPshield Systems has developed the most comprehensive solution for Voice over IP Security on the market.


VoIPaudit Vulnerability Assessment and Penetration Testing

VoIPaudit is a VoIP/UC vulnerability assessment tool that offers an easy-to-use Web interface combined with all the back-end functionality required to proactively identify, track and assist in the remediation of security vulnerabilities found in VoIP/UC systems from the leading vendors.