Q

Do session border controllers (SBCs) improve security at the level of VoIP traffic?

A SearchEnterpriseVoice.com member asked, "Do session border controllers (SBCs) improve security at the level of VoIP traffic?" Get the expert answer and advice on SBCs here.

Do session border controllers (SBCs) improve security at the level of VoIP traffic? Or is it only useful for NAT/PAT features?

Session border controllers were originally designed to overcome an issue with VoIP traffic and firewalls. Many

VoIP implementations, especially SIP-based ones require a large number of ports to be opened on a firewall. While they use specified ports for the signaling, the media is transported through ports dynamically assigned during the signaling process. This meant that the original firewall implementations required large ranges of ports to be opened for the media traffic, reducing their efficiency. SBC vendors designed their products to address this firewall deficiency allowing 'pinholes' in the perimeter to be dynamically assigned which reduces the security risk by taking care of the NAT/PAT.

However, SIP-enabled firewalls have addressed this deficiency, allowing VoIP implementations to utilize a standard firewall at the perimeter without an SBC. In response, many SBC vendors have increased the functionalities of their products, moving closer to the capabilities found in a SIP-based firewall and providing limited application layer security on top of a NAT/PAT solution. Full application layer security can be provided by a SIP-based firewall that provides full authentication and protection against both transport and protocol attacks. DOS, DDOS, impersonation, hijacking, SPAM/SPIT and other attacks can be prevented by utilizing this approach.

This was first published in November 2005

Dig deeper on VoIP QoS and Performance

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchMobileComputing

SearchNetworking

SearchTelecom

SearchITChannel

SearchEnterpriseWAN

SearchExchange

Close