A Session Border Controller is a dedicated network element used to control real-time communication calls/sessions over SIP (Session Initiation Protocol) based VoIP (Voice over Internet Protocol) infrastructures. It protects & governs the IP communication flows, or in simplified terms, governs the manner in which calls are initiated, conducted & terminated over the VoIP network. Furthermore, it secures enterprises and service provider’s RTC infrastructure.
Now, before buying a Session Border Controller, one must ask a few very important questions like:
Does it support ‘Fraud Detection and Monitoring System’? How does that system work?
Yes, an SBC software supports fraud detection & monitoring system. The VoIP world is very vulnerable, and there are multiple frauds & VoIP attacks that can be carried out on any network. A few of the most common cyber-attacks include service theft & fraud, spoofing, denial-of-service attacks, registration storms, etc. Now, an SBC employs various techniques to protect enterprises from these cyber-attacks, including
Media & Signalling Encryption, which prevents unauthorized parties from tampering with a real-time communication session. It basically provides an authentication mechanism to verify the identity of a client.
Topology Hiding, a B2BUA (Back-to-Back User Agent) system makes sure all the media & signal traffic goes through SBC and hides the topology, or architecture, of the network which makes client’s IP addresses invisible & less vulnerable to the attack.
Dynamic Pinholing, allows an application to access the IP network. SBC creates programmed pinholes & opens them for a short period that a session is active. Thereby, minimizing security exposure.
List Monitoring SBC’s policy monitoring system monitors income requests & calls, uses rules to identify people who are & aren’t abusing network resources, and maintains a list like Whitelists, Blacklists & Greylists.
What kind of ‘Intelligent Call Routing’ does it do, and how?
The robust policy engine in an SBC enables enterprises & service providers to implement intelligent call routing policies in larger deployments. It provides centralized policy control of localized policies to automatically propagate the set routing & policy rules globally, across multivendor networks from a single management point. It enables organizations to manage & implement hundreds of policies. And, saves them millions of dollars annually in toll charges, for example, by routing calls based on least-cost network or loss-less routing paths, as well as by avoiding transferring calls to external public networks, whenever possible.
How SBC perform as expected under real-world network traffic loads?
All SBC vendors advertise the best of figures for their product, which have been quoted only after measuring their respective performances under stringent circumstances. But what really matters is how an SBC performs under real-world network traffic load. Generally, they do perform as expected under real-world traffic loads. But we must also take into consideration that each enterprise has its own mix of traffic. So, to really be sure of SBC’s performance, it must be deployed in the live network load representing the right mix of traffic in the network. And, only then will we know its real power to handle that enterprise’s network load.
Does it come integrated with Real-time billing software, and how does that software work?
Yes, it integrates with real-time billing software. A lot of SBCs nowadays already have a billing software integrated with their SBC, usually their own brand. But, one can always buy a separate software and integrate it with their session border controller.
A real-time billing software works by communicating with the elements of the communication network, provides its nodes for authorization & authentication, and accumulates all the billing events data, which primarily consists of services rendered to customers. Now, based on this information, it further performs rating for the services, creates records and modifies customer balances accordingly. And, all this happens in real-time, so billing data is updated in real-time. Real-Time billing software is a unified platform for multiple services like VoIP calling, messaging, data transfer, etc.
How SBC Protect Against Denial-of-Service (DOS) Attacks?
SBC is ideally placed at the border of the network to keep malicious cyber-attacks from happening. Now, one of the most common cyber-attacks is denial-of-service (DoS) or Distributed denial of service (DDoS) attack. A session border controller software protects against such attacks by:
• Dynamic Firewall Management
• Bandwidth Management
• Call Rate Limiting
• Line Rate Speed Processing
In some cases, an SBC includes a built-in firewall or, in other cases, command or control the firewall remotely so that it can do some trimming by controlling the port numbers that are being used. SBC manages this firewall dynamically by overlooking the SIP sessions to grant access to those UDP ports for that session. Along with this, it manages, blacklists or white lists to keep fraudulent IPs at bay.
Then, it also does bandwidth management by contemplating the network bandwidth. It understands the amount of traffic expected by calls per second on the available bandwidth, thereby deflecting some of the bad traffic or the traffic received above & beyond the expected call leg. To pull off all this work, it’s critical that the Line Rate Speed Processing of the SBC is at the maximum, for it to quickly look at the packets of data/information received as fast as possible & either accept or reject & respond to them accordingly. This Line Rate Speed Processing is very important for an SBC to maintain its efficiency & keep these attacks from happening.
Will the SBC interoperate with different network elements?
The open standards adopted by the VoIP & IMS architectures allow service providers to create the best of networks for themselves, by combining different network elements from different vendors. Although there are pre-defined industry-standard protocols for the VoIP industry. Equipment vendors do instate their proprietary extensions that may or may not fully support all the network elements. So, whether an SBC interoperates with all the network elements can be surely testified. Once it’s been tested against real-time traffic to ensure end-to-end calls are going through the broad range of vendor equipment.
What is the Downtime of SBC? And, what is Plan B in case of any failure?
In the computing world, ‘Downtime’, commonly referred to as ‘High Availability’ is the ability of a system or system component to be continuously operational for a desirably long period of time. Such systems have redundant hardware & software that makes them available despite system failures. At the time of failures, the failover process moves processing performed by the failed component to the backup component. This process remasters the system-wide resources, restores the system to normal, & recovers partial or failed transactions, preferably within a matter of microseconds. The more transparent this failover is to users, the higher the availability the system has.
Will service providers require multiple platforms for running a VoIP wholesale business?
The service provider doesn’t require any additional platform for running its VoIP wholesale business. An SBC along with a class 4 Switch is enough to run all the tasks without ever needing anything else. REVE SBC comes integrated with REVE Billing that will take care of all the billing related tasks. The service provider doesn’t need to buy a VoIP billing software additionally. REVE SBC provides a single platform for buying & selling of wholesale SMS, Voice & Mobile Top-Up, which makes running the wholesale VoIP Business easy to run.
If your chosen SBC vendors have managed to answer all these questions to your satisfaction, then it is the right choice. And, Finally, it is the Session Border Controller for your business!