How are session border controllers (SBCs) and firewalls different when it comes to VoIP communications? Where are...
SBCs placed in the network to ensure secure voice traffic?
Traditional firewalls are used to protect the data traffic on enterprise networks, while session border controllers provide voice-specific firewall protection for Voice over IP (VoIP) communications. SBCs are, in many cases, the first line of defense for IP-based voice networks, within the service provider networks and the enterprise network edge. Many of the techniques SBCs use, including deep packet inspection and network address translation, are also used by traditional firewalls. But there are also voice-specific defenses employed by SBCs to ensure the availability and quality of voice traffic. On top of that, security is just one of the functions of an SBC, which also handles media and protocol conversion, and unified communications (UC)-specific remote access.
Enterprise SBCs are typically placed on the enterprise network edge in the demilitarized zone (DMZ) between the organization's data network and the interface to the public or service provider network. VoIP access and SIP trunking services are either delivered on a dedicated connection or ride along with WAN and Internet services from the carrier network. Placing an SBC in the DMZ enables separation of the voice and data traffic, allowing the firewall and SBC to apply unique quality of service and protection of the respective voice traffic.
For more on session border controllers and VoIP communications:
- The importance of SBCs in UC architecture: Learn why SBCs are an overlooked, but vital, component of UC architecture.
- A learning guide to SBCs: Learn why SBCs play the role of traffic cop for IP telephony.
Do you have a question for Michael Brandenburg or any of our other experts? Ask your enterprise-specific questions today! (All questions are treated anonymously.)
SBCs are not a UC security silver bullet
SBCs: The good, the bad and the ugly
Dig Deeper on Unified Communications Security
Related Q&A from Michael Brandenburg
Making sure VoIP bandwidth is sufficient can be difficult when the network is shared with non-mission critical apps. Expert Michael Brandenburg ...continue reading
There is no one-size-fits-all approach to SIP. Networking expert Michael Brandenburg explains how to choose between a decentralized and centralized ...continue reading
How do you decide between SIP trunking and hosted telephony? Expert Michael Brandenburg explains how organizations can determine if SIP trunking or ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.