Public Relations
Asgent Announces Release of SIP-specific Security Device,
the "Applico SIP Firewall"
- with existing firewalls to achieve NAT traversal and greater security for SIP communications -
July 1st, 2004
Asgent,Inc.
(OTC No. 4288)
Asgent, Inc., (President & CEO: Takahiro (Shuji) Sugimoto, located in Nihonbashi, Chuo-ku, Tokyo), a pioneer in security solutions, announces the release of the "Applico SIP Firewall", a SIP-specific security device developed in collaboration with Applico Security, Inc. (U.S.-based subsidiary company; President: Arun Kant), and designed to work with existing firewalls to achieve NAT traversal and strengthen security for SIP communications.
The VoIP service market is currently expanding rapidly, with many companies considering implementing VoIP solutions. The most widely used VoIP protocol is SIP (Session Initiation Protocol). However, current firewalls face the following problems when using SIP over the Internet.
NAT traversal for SIP cannot be achieved.
Normally, firewalls perform NAT traversal by translating the IP address in the IP header. However, because SIP also describes IP addresses in the data section, this address cannot be translated and NAT traversal cannot be achieved.
SIP security cannot be maintained.
SIP header information is in text format and so it must be encoded to prevent eavesdropping or tampering. SIP uses TLS as it's default cryptographic technology, but existing firewalls don't support the TLS Encryption. Also, SIP is multifunctional, with file transfer, application sharing, remote access and chat functions as well as VoIP, meaning that a lack of restrictions on application usage can lead to severe security violations. However, existing firewalls do not have these security functions.
RTP packets cannot be controlled.
Because the port which RTP packets use varies, they cannot be controlled unless the SIP header is comprehended correctly. In order for existing firewalls to communicate, it is necessary to set aside the entire RTP port range. However, it is also necessary to dynamically control the ports in order to ensure security.
Consequently, there is a definite need for a product capable of solving these problems.
With these issues in mind, Asgent announces the release of the "Applico SIP Firewall", a SIP-specific security device designed to work with existing firewalls to achieve NAT traversal for SIP and greater security for SIP communications. The "Applico SIP Firewall" can check the entire SIP header, allowing not only for SIP NAT traversal but also comprehension and control of ports used by RTP packets. The "Applico SIP Firewall" also supports the TLS Encryption, making encoded SIP communication a reality. Moreover, corporations can use the content level SIP security control function, which controls SIP URI and MIME access, in order to control what type of SIP services (applications) they will permit. The "Applico SIP Firewall" controls all SIP communications while the existing firewall controls all non-SIP communications, ensuring efficient and secure communications. Also, the "Applico SIP Firewall" is easily installed in the DMZ without any need to change network configuration.
【Applico SIP Firewall】
Advanced NAT traversal for SIP
Security for SIP communications
Supports TLS Encryption
Ensures security at content level by using SIP URI and MIME security function to determine which application to permit.
Security for RTP packets
Checks ports in SIP message and controls ports that are used by RTP packets.
Can be used with existing firewalls, allowing for efficient use of existing assets.
Can be connected to the DMZ, no need to change network configuration.
Can link to external SIP servers with proxy function.
SIP Registrar , SIP Proxy function
Interface: 10/100 Base-T x 2
Size: 220 (W) x 255 (D) x 45 (H) mm
Proposed Sales Price ¥580,000 (tax exclusive)
Features:
Specifications
* All company names or product names are registered trademarks of their respective companies.
 |
 |
 |
 |
 |
 |
 |
 |
 |
IS 76150 / ISO (JIS Q) 27001 |
 |