How are session border controllers (SBCs) and firewalls different when it comes to VoIP communications? Where are...
SBCs placed in the network to ensure secure voice traffic?
Traditional firewalls are used to protect the data traffic on enterprise networks, while session border controllers provide voice-specific firewall protection for Voice over IP (VoIP) communications. SBCs are, in many cases, the first line of defense for IP-based voice networks, within the service provider networks and the enterprise network edge. Many of the techniques SBCs use, including deep packet inspection and network address translation, are also used by traditional firewalls. But there are also voice-specific defenses employed by SBCs to ensure the availability and quality of voice traffic. On top of that, security is just one of the functions of an SBC, which also handles media and protocol conversion, and unified communications (UC)-specific remote access.
Enterprise SBCs are typically placed on the enterprise network edge in the demilitarized zone (DMZ) between the organization's data network and the interface to the public or service provider network. VoIP access and SIP trunking services are either delivered on a dedicated connection or ride along with WAN and Internet services from the carrier network. Placing an SBC in the DMZ enables separation of the voice and data traffic, allowing the firewall and SBC to apply unique quality of service and protection of the respective voice traffic.
For more on session border controllers and VoIP communications:
- The importance of SBCs in UC architecture: Learn why SBCs are an overlooked, but vital, component of UC architecture.
- A learning guide to SBCs: Learn why SBCs play the role of traffic cop for IP telephony.
Do you have a question for Michael Brandenburg or any of our other experts? Ask your enterprise-specific questions today! (All questions are treated anonymously.)
SBCs are not a UC security silver bullet
SBCs: The good, the bad and the ugly
Dig Deeper on Unified Communications Security
Related Q&A from Michael Brandenburg
While the CPaaS vs. UCaaS debate might focus on overlapping features, the two technologies can be complementary, according to industry analyst ... Continue Reading
While an API deployment may seem like a small task, it can have a major effect on the network. IT groups should work with business units to monitor ... Continue Reading
Don't forget about SIP trunking services during your disaster recovery planning process. Networking expert Michael Brandenburg explains SIP trunking ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.