What is an SBC?
IP communications systems have increasingly become a critical part of business and consumer communications. As a result, they are being targeted by fraudsters, trolls and hackers, requiring a comprehensive security solution. A Session Border Controller (SBC) manages the risks of extortion, intrusion and theft of services.
Watch this companion video for more details.
An SBC is a network function that sits between two SIP networks at the network border, providing SIP connectivity. The main functions of SBCs are intrusion detection & security, back to back user agent (B2BUA) and routing.
Within a voice network, SBCs can be used for SIP-aware security, resolving SIP incompatibility issues, converting media formats, facilitating call recording, measuring voice/ video quality, call routing, and billing.
An SBC is different from a firewall. Firewalls typically cannot understand the complex connection between SIP and RTP messages. Likewise, an SBC is different from a SIP server. SIP servers don’t have a B2BUA and have no media handling security.
A key feature of an SBC is topology hiding, where an application in a private network with private IP addresses is not exposed to the outside world by substituting IP addresses. This will prevent intrusion, the attack or mapping of the private network.
SBCs are used to prevent DoS/ DDoS (Denial of Service) attacks, attempts to attack the network through probes or bots. The SBC detects and deflects, limiting the frequency of attempts to a reasonable amount that the application can handle and thus continue to operate.
SBCs also work with encryption demarcation, making it easier to diagnose problems and alleviate work that the application servers might have to do to decrypt. For media services SBCs can be used for codec conversion, a modulation of tones and announcements, legal intercept function and voice quality measurement. SBCs route the SIP traffic between two applications, servers or clouds.
With the emergence of the e-SBC (enterprise SBC), the SBC protects the enterprise’s network at a lower cost than the Service Provider SBC. SBC deployment models include COTS, virtualized, virtualized network function and cloud.
In the past, SBCs were on specialized purpose-built hardware platforms, using proprietary appliances. Today the trend is towards deploying SBCs in the cloud. This software-centric, low up-front cost solution allows you to “pay as you grow” with a variety of platform choices and operating systems.
TelcoBridges offers FreeSBC, a software package that can be downloaded for a 90 day trial with full ProSBC features. After which, should the user wish to keep the premium ProSBC features, payment follows a subscription plan.
In the video above we cover:
- The risks to IP communication systems
- Why an SBC is not the same as a firewall
- Why an SBC is not the same as a SIP server
- The growing needs of a voice network
- SBC role in topology hiding
- SBC role in DoS/DDoS/ Intrusion Prevention
- NAT Traversal
- SBC role in media services
- SIP interoperability
- SBC role in traffic management and routing
- How an SBC works
- Use cases – peering, access, redundancy, CPaaS provider
- Emergence of the e-SBC
- The changing economics
- SBCs back in the day
- SBC deployment models