SBC usecase overview

Owned by Nathaniel Halbrooks
Dec 28, 2023
1 min read

Sangoma SBC acts as the interface between 2 SIP networks to:

  • Solve firewall and NAT issues

  • Normalize and fix SIP messaging

  • Register with SIP trunking provider

  • Hide Network Topology

  • Secure SIP and Voice (TLS, SRTP)

  • Codec Conversion (Transcoding)

 

Why SBC

Real Time IP Communications are Complex

  • Sessions initiated from inside or outside firewalls – NAT

  • QOS is needed to provide voice quality over internet

  • Interoperability problem between vendors

Security and Fraud

  • State full session security

  • Media security and encryption

  • Session Limits: call per second, max calls per user

  • Intrusion detection and prevention

Standard Firewalls are not enough

  • Unlike firewalls SBC maintains session state

  • SBC opens pinholes for ports associated with session

  • Firewall will close and reopen different port numbers breaking the session.

  • SBC inspects, controls and manipulates all network layers: 2 to 7

  • Firewall only works on layer: 2 to 4 (IP/TCP)

Enterprise Security Threats

Denial of Services

  • Call/registration overlaod

  • Malformed messages (fuzzing)
    Configuration errors

  • Mis-configured devices

  • Operator and applicatoin errors

Theft of service / Fraud

  • Unauthorized users

  • Unauthorized media types

BYOD

  • Smartphones running unauthorized apps

  • Viruses and Malware attacking your VoIP network

Firewall is not enough

Traditional firewalls cannot:

  • Prevent SIP-specific overload / SIP DOS

  • Open/Close RTP media ports in sync with SIP signaling

  • Track session state and provide uninterrupted service

  • Perform internetworking or security on encrypted sessions

  • Solve multi-vendor SIP interoperability

  • Topology Hiding

 

 

SBC do all of the above.

Return to Documentation Home I Return to Sangoma Support