Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Session Border Controllers: Securing real-time communications

Pierre Jean Chalon, Vice President and General Manager, Asia Pacific, Sonus Networks | Nov. 4, 2014
Enterprises should leverage Session Border Controllers to protect the network and networked communications from IP-based attacks.

Over the last few years, enterprises have started to shift toward Unified Communications (UC) platforms that bring voice, video and data together, both as a richer user experience and as a more efficient network model using the Internet Protocol (IP) standard. However, these real-time communications present unique considerations in terms of security and delivery that require a more robust solution than those traditionally used for IP-based data communications such as firewalls.

While the positive aspects of moving to a unified, IP-based communications model are well known -- so too are the security risks that present themselves once an enterprise opens its real-time communications to the Internet. According to a study by IDC and the National University of Singapore, cyber security breaches are expected to cost enterprises in Asia Pacific nearly $240 billion in 2014 alone, and this figure continues to grow. 

To address these risks, networks require a new kind of security device known as a Session Border Controller (SBC), whose primary function is to protect the network and networked communications from IP-based attacks. Voice over IP (VoIP) networks face many of the same risks as data networks-DoS attacks, network hacking, spoofing-as well as new risks such as toll fraud. But while many enterprises rely on conventional network firewalls, security appliances and routers are not designed for real-time communications. Across all VoIP- related use case scenarios, only SBCs meet the requirements for the successful delivery of enterprise and contact center VoIP/UC services and applications. 

Although there are many reasons why an enterprise might want an SBC-SIP trunking, on-net routing, UC enablement-security is the primary reason to own one. In fact, a poll conducted by research firm Infonetics found that 88% of CIOs felt security was the most important function of an SBC. If an SBC did nothing but secure real-time communications and protect the network from SIP-based attacks, enterprises would recover their ROI quickly.

Below are the five most important reasons why you need an SBC if you're running voice or video over an IP network:

1. Keeping Communications Over the Internet Private
Just as unencrypted email can be opened and exploited, voice or video sessions over IP also require encryption and user authentication to protect them from prying eyes and ears.

An SBC can encrypt communications at a session level or encrypt all communications between two different secure network devices (e.g., two SBCs), creating a Virtual Private Tunnel for voice communications (also known as a Voice VPN). Encryption essentially "locks" each IP packet transmitted during a voice or video session, which can only be opened with a special key provided to the specific, trusted endpoint. SBCs use different encryption standards, including IPsec and Transport Layer Security (TLS) to encrypt signaling information, and the Secure RTP (SRTP) standard to encrypt the media (or contents). The importance of encryption is growing as more employees work outside of the traditional office, resulting in more communications that traverse external (and non- secured) networks such as the Internet. Encryption allows these communications to safely travel over the Internet and other external networks (e.g., public WiFi networks) without being exposed to third parties.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.