An SBC acts a router between the enterprise and carrier service, allowing only authorized sessions to pass through the connection point (border). The SBC defines and monitors the quality of service (QoS) status for all sessions, ensuring that the callers can actually communicate with each other and that emergency calls are delivered correctly and prioritized above all other calls. An SBC can also serve as a firewall for session traffic, applying its own quality of service (QoS) rules and identifying specific incoming threats to the communications environment.
SBCs are inserted into the signaling and/or media paths between calling and called parties in a VoIP call, predominantly those using the Session Initiation Protocol (SIP), H.323, and Media Gateway Control Protocol (MGCP) call-signaling protocols.
The term “session” refers to a communication between two parties – in the context of telephony, this would be a call.
The term “border” refers to a point of demarcation between one part of a network and another.
The term “controller” refers to the influence that SBCs have on the data streams that comprise sessions, as they traverse borders between one part of a network and another.
SBC major features:
- SBC can act as a SIP firewall
- SBC can do call admission control
- SBC can perform network addresses translation (NAT)
- SBC can adapt to different SIP messages forms
- SBC can do call recording using software
- SBC can do transcoding (H.323/SIP, G.729/G.711, IPv6/IPv4, SRTP/RTP, TLS offloading)
- SBC can route SIP sessions (ingress/egress point for SIP trunks)
Sonus SBC can do the followings in terms of security:
- IP Trunk Groups
- Call Admission Control
- Rate Limiting
- Access Control Lists
- Traffic Policing
- IPsec
- Topology Hiding
- Split DMZ
- TLS Signaling
- SRTP
- Firewall/NAT
- DoS/DDoS Protection
- SIPS
- Dynamic Blacklisting
- Rogue RTP Protection
- Encrypted Communication
- Malformed Packet Protection