Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Session Border Controllers: Securing real-time communications

Pierre Jean Chalon, Vice President and General Manager, Asia Pacific, Sonus Networks | Nov. 4, 2014
Enterprises should leverage Session Border Controllers to protect the network and networked communications from IP-based attacks.

Authentication is the process of verifying a user's identity. In the case of IP communications, this is often done by cross-referencing a device's IP address against a known database of users/subscribers. SBCs have methods in place for detecting spoofing, which is when an endpoint tries to alter its true identity (a practice common among email spammers).

2. Protecting Your Network from Intrusion/Attacks
As with IP data networks, hackers will often use IP-voice and video networks to look for unsecured entry points into your network. This is a growing concern as enterprises consolidate networks, because it means that someone can enter the network through more devices (e.g., smartphones) and exploit the weakest part of the network. For example, a hacker could exploit an unprotected IP PBX through their smartphone to gain access to credit card information stored on the corporate data network. By shielding the IP PBX from the external world, an SBC makes it "invisible" to unauthorized users.

In addition to targeted attacks, enterprises are also subject to blanket DoS and DDoS attacks that seek to disrupt communications. Why would someone want to flood a network with 10,000 VoIP calls at the same time? In some cases, to look for unsecured ports and holes in network security. The damage of DoS attacks is very real, especially for companies that rely on communications for their revenue. Consider a DoS attack mounted against a call center during its busy period; the lost revenue and added customer frustration can quickly end up costing an enterprise tens of thousands of dollars.

The difficulty of tracking DoS attack sources makes the crime more appealing. Fortunately, SBCs are capable of recognizing and blocking DoS and DDoS attacks within a matter of seconds, using a mixture of rules-based policies and call admission control (CAC) features.

3.Preventing Toll Fraud
An SBC's policy capabilities also play a key role in preventing toll fraud. Toll fraud is not a widespread problem insofar as the majority of toll fraud originates from and is targeted to those nations where telecommunications are less regulated. Simply using an SBC to enforce a policy that blocks a high number of long-distance calls to/from these nations can significantly reduce the potential for toll fraud with minimal effort.

As the network gatekeeper, an SBC is ideally suited to intercept and reject fraudulent long-distance calls. The SBC "inspects" each SIP signaling packet that enters the voice network, which includes the origination and destination of the call as well as the ID of the device forwarding the request (e.g., an IP softswitch or another SBC). Using this information, an SBC can quickly identify abnormal or suspicious call activity and drop or block the calls based on specific policy rules.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.