• head_banner_03
  • head_banner_02

VoIP Security

• What is Session Border Controller(SBC)

A Session Border Controller(SBC) is a network element deployed to protect SIP based voice over Internet Protocol(VoIP) networks. SBC has become the de-facto standard for telephony and multimedia services of NGN / IMS.

Session Border Controller
A communication between two parties. This would be a call’s signaling message, audio, video, or other data along with information of call statistics and quality. A point of demarcation between one part of
a network and another.
The influence that session border controllers have on the data streams that comprise sessions like security, measurement, access control, routing, strategy, signaling, media, QoS and data conversion facilities for the calls they control.
Application Topology Function
sbc-p1

• Why do you need an SBC

Challenges of IP Telephony

Connectivity Issues

Compatibility Issues

Security Issues

No voice / one-way voice caused by NAT between different sub-networks.

Interoperability between SIP products of different vendors is unfortunately not always guaranteed.

Intrusion of services, eavesdropping, denial of service attacks, data interceptions, toll frauds, SIP malformed packets would cause big losses on you.

sbc-p2
sbc-p3
sbc-p4

Connectivity Issues
NAT modify private IP to external IP but can’t modify application layer IP. Destination IP address is wrong, therefore can’t communicate with endpoints.

sbc-p5

NAT Transversal
NAT modify private IP to external IP but can’t modify application layer IP. SBC can identify NAT, modify IP address of SDP. Therefore obtain correct IP address and RTP can reach endpoints.

sbc-图片-06

Session Border Controller acts as a proxy for VoIP traffics

sbc-图片-07

Security Issues

sbc-p8

Attack Protection

sbc-p9

Q: Why Session Border Controller is needed for VoIP attacks?

A: All behaviors of some VoIP attacks conform to the protocol, but the behaviors are abnormal. For example, if the call frequency is too high, it will cause damage to your VoIP infrastructure. SBCs can analyze the application layer and identify user behaviors.

Overload Protection

sbc-p10
sbc-p11

Q: What causes traffic overload?

A: Hot events are the most common trigger sources, such as double 11 shopping in China (like Black Friday in USA), mass events, or attacks caused by negative news. A sudden surge of registration caused by data center power failure, network failure is also a common trigger source.
Q: how does SBC prevent traffic overload?

A: SBC can sort traffics intelligently according to user level and business priority, with high overload resistance: 3 times overload, business won’t be interrupted. Functions like traffic limitation/control, dynamic blacklist, registration/call rate limiting etc. are available.

Compatibility Issues
Interoperability between SIP products is not always guaranteed. SBCs make the interconnection seamless.

sbc-p12
sbc-13

Q: Why do interoperability issues occur when all devices support SIP?
A: SIP is an open standard, different vendors often have different interpretations and implementations, which can cause connection and
/or audio issues.

Q: How does SBC solve this problem?
A: SBCs support SIP normalization via SIP message and header manipulation. Regular expression and programmable adding/deleting/modifying are available in Dinstar SBCs.

 

SBCs ensure Quality of Service (QoS)

sbc-p16
sbc-p17

Management of multiple systems and multimedia is complex. Normal routing
is difficult to deal with multimedia traffic, resulting in congestion.

Analyze audio and video calls, based on user behaviors.Call control
management:Intelligent routing based on caller,SIP parameters,time,QoS.

When IP network is unstable, packet loss and jitter delay cause bad quality
of service.

SBCs monitor the quality of each call in real time and take immediate actions
to ensure QoS.

Session Border Controller/Firewall/VPN

sbc-p16
sbc-p17