Sipera Systems secured $13.2 million more in Series B funding this month as Sequoia Capital joined initial backers Austin Ventures and STAR Ventures as investors in the new voice-over-IP security company.

This latest funding brings Sipera's total to $19.5M and will help the company expand operations and extend its VoIP security solution to wireless operators. Investors are calling VoIP security a new product category. Sipera jumped into the category earlier this month with the introduction of its IPCS 310 product and followed up with this second round of funding.

The company was founded in 2003 and is headquartered in Richardson, Texas. It currently has 62 employees.

The product is a pure security solution for real-time IP communications applications such as VoIP, instant messaging, video and multimedia. As a network device it protects both the infrastructure and end-users from malicious, application-specific attacks and service abuse.

Although the IPCS 310 sits in the network, it poses no danger of being a point-of-failure. Nor is it subject to attack. The device is not IP addressable and employs a bypass system that re-routes traffic even if the box fails.

Sipera uses various methods to identify vulnerabilities and prevent attacks. The main strategy is to learn the traffic and usage patters of users within an enterprise and those who call them. The company has built a catalogue of thousands of vulnerabilities that exist within session initiation (SIP), unlicensed mobile access (UMA) and IP multimedia subsystem (IMS) protocols.

"We use a lot of the good techniques developed through the years for the data side, but we also have a very comprehensive understanding of the actual VoIP protocols and that's why we will be successful in the market," said Micaela Giuhat, vice president of product line management at Sipera.

One of is primary techniques is behavior learning. Once the equipment is installed in the network it starts learning the behavior of users within the company deploying the technology. It studies calling patterns of users as well as calls coming into an enterprise. It then builds trust scores, or credibility scores, to each internal and external user.

Whereas many enterprises deploy separate solutions for firewalls, intrusion prevention and detection, denial-of-service and anti-spam, Sipera's box is a comprehensive solution. It protects against attacks on both infrastructure, such as fuzzing, reconnaissance, flood and distributed flood, and on users such as misuse, session anomalies, stealth and spam.

During its two years in development, Sipera has identified thousands of attacks for SIP-, UMA-, and IMS-based networks.

"We scrub the protocols. We scrub the headers and the body of the SIP packets and make sure there is nothing anomalous that can create buffer overflow in, say, an IP PBX," Giuhat said.

Users also have the ability to contribute to the learning process through feedback and creating black and white lists that allow or deny certain callers.

The IPCS 310 supports 1000 users and has 100 Mb/s throughput using two links and scales to 5000 users through daisy-chaining.