This article originally appeared in the Dec. 2011 issue of INTERNET TELEPHONY.
Deep packet inspection is a powerful way to protect not just SIP traffic, but also the network. Deep packet inspection is a form of computer network packet filtering that examines the data (or datagram) and UDP/TCP header part of a packet as it passes through an enterprise session border controller.
When SIP traffic reaches the E-SBC, the E-SBC searches it for non-protocol compliance, viruses, spam, intrusions or other criteria that’s been predefined to decide if the packet can pass through, or if it needs to be routed to a different destination. Also, the E-SBC can examine the packet for the purpose of collecting statistical information.
This is in contrast to shallow packet inspection (usually called just packet inspection), which only checks the UDP/TCP header portion of a packet. Shallow packet inspection is the kind of inspection commonly found in most NAT firewall devices.
An E-SBC with deep packet inspection capability can look at layers 2 through 7 of the OSI model. Since SIP is an application layer (layer 7) in the OSI model, these products have a unique ability to:
IDS/IPS also enables the E-SBC to block malicious SIP signaling packets designed to attack certain SIP phones, servers or other devices on the enterprise LAN. This secures the enterprise network, as the E-SBC handles the attacks while the servers and other SIP devices in the network can still be used.
Deep packet inspection will identify and classify the SIP traffic based on a signature database that includes information extracted from the data part of a UDP/TCP packet, providing extremely precise of control of any SIP traffic – finer than any classification based on header information only.
To find out more about Ingate, visit the company at ITEXPO East 2012 as they partner with TMC, thought-leaders and vendors in the space, to present Ingate's SIP Trunk UC Summit February 1-3, 2012 at the Miami Beach Convention Center in Miami, Fla. ITEXPO is the world’s premier IP communications event.
Stay in touch with everything happening at ITEXPO… Follow us on Twitter.