
	Home > Ask the Unified Communications Experts > UC Security Questions & Answers > Do session border controllers (SBCs) improve security at the level of VoIP traffic?

Ask The Unified Communications Expert: Questions & Answers

EMAIL THIS

Do session border controllers (SBCs) improve security at the level of VoIP traffic?

EXPERT RESPONSE FROM: Andrew Graydon

		Pose a Question

		Other Unified Communications Categories

		Meet all Unified Communications Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 09 November 2005
Do session border controllers (SBCs) improve security at the level of VoIP traffic? Or is it only useful for NAT/PAT features?

EXPERT RESPONSE

Session border controllers were originally designed to overcome an issue with VoIP traffic and firewalls. Many VoIP implementations, especially SIP-based ones require a large number of ports to be opened on a firewall. While they use specified ports for the signaling, the media is transported through ports dynamically assigned during the signaling process. This meant that the original firewall implementations required large ranges of ports to be opened for the media traffic, reducing their efficiency. SBC vendors designed their products to address this firewall deficiency allowing 'pinholes' in the perimeter to be dynamically assigned which reduces the security risk by taking care of the NAT/PAT.

However, SIP-enabled firewalls have addressed this deficiency, allowing VoIP implementations to utilize a standard firewall at the perimeter without an SBC. In response, many SBC vendors have increased the functionalities of their products, moving closer to the capabilities found in a SIP-based firewall and providing limited application layer security on top of a NAT/PAT solution. Full application layer security can be provided by a SIP-based firewall that provides full authentication and protection against both transport and protocol attacks. DOS, DDOS, impersonation, hijacking, SPAM/SPIT and other attacks can be prevented by utilizing this approach.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	UC Security
	Why is VoIP authentication essential?
	Traffic logging and VoIP encryption
	Criminal abuse of VoIP
	Alternative to keeping data and VoIP traffic on separate VLANs
	Will implementing VoIP increase our company's vulnerability to hackers and denial-of-service attacks?
	Can VoIP and firewalls work together for the greater security good?

VoIP Security

Security concerns for enterprise Skype

SIP tutorial

Unified communications security risks and countermeasures

Can outsiders access my VoIP line and gather confidential data?

Top VoIP Chapter Downloads of 2007

Best practices for instant messaging security

Top rated VoIP security tips of 2007

Voice over IPv6: Architectures for Next Generation VoIP Networks

VoIP vulnerability threatens data

How to Cheat at VoIP Security

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

vishing (SearchUnifiedCommunications.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Voice and Data Communications Tips

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2008, TechTarget \| Read our Privacy Policy