SlideShare a Scribd company logo

SBC: Do I really need it?

Bangladesh Network Operators Group
Bangladesh Network Operators Group

This document discusses the importance of Session Border Controllers (SBCs) for Voice over Internet Protocol (VoIP) networks. It outlines how SBCs provide session control, security, interoperability, and demarcation. SBCs help protect against various VoIP threats like denial of service attacks, spoofing, and toll fraud. They can filter traffic, authenticate users, and enforce policies to secure VoIP infrastructure and services. The document also compares SBCs to traditional firewalls and explains how SBCs can better handle real-time multimedia communications.

Related slideshows

Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM SystemLabmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
 
SlingSecure Mobile Voice Encryption
SlingSecure Mobile Voice EncryptionSlingSecure Mobile Voice Encryption
SlingSecure Mobile Voice Encryption
 
Voice encryption for gsm using arduino
Voice encryption for gsm using arduinoVoice encryption for gsm using arduino
Voice encryption for gsm using arduino
 
1 of 23
Download to read offline
SBC: Do I really need it? Prepared by: Md. Abul Bashar Azad abazad@office.bdcom.com
Bangladesh Safe home for foreign VOIP frauds RAB arrested 37 Chinese and Taiwnese nationals and seize (Dhaka tribune 2014 ) BTRC asks telcos to check call spoofing (prothomalo 2016) BTRC alerts mobile users to frauds (https://www.thedailystar.net 2016) bKash fraud gang members run amok (Observerbd.com 2018) Challenge in Telecom industry? FBI finds Philippine hackers Compromised AT&T network and used their phone systems to call others long distance phone number. AT&T losses of up to $2.0 million (November 2011) Massive DDoS attacks a growing threat to a VoIP service. It crashes TelePacific VoIP system. Average 34 million SIP traffic VoIP connections requests in 1 day and flooding their systems (March 2011)
IP-Telephony Service scenario in Bangladesh Who is used 1.Indevisual person 2. Bank and financial institute 3. University 4. Airline industry 5.Ecommarce site 6. others 24 active IPTSP (Sipix.bdix.net) Technology used 1. IP Phone 2. Callcenter 3. IP-PABX 4. Hosted service
Fact of VOIP business According to the Global Loss Survey 2013 of the communications Fraud Control Association (CFCA) Through illegal voice over internet protocol (VOIP) Bangladesh government yearly losses tk130 billion revenue annually (dailyasianage.com 2017) The global telecom industry annual losses of $46.3 Billion due to toll fraud
Abuse Methods in telecom industry 12.00% 10.00% 10.00% 7.00% 6.00% 0.00% 2.00% 4.00% 6.00% 8.00% 10.00% 12.00% 14.00% PBX Hacking Subscription Fraud VoIP Hacking Dealer Fraud Identity Theft Top 5 Emerging Fraud Methods Communications Fraud Control Association survey report
So Security is utterly eminent indispensable
What is sip trunk? Session Initiation Protocol (SIP)  Controls multimedia communication sessions such as voice, instant messaging, video, etc.  Many types of devices - computers, phones, video equipment, etc. - can exchange data over SIP  SIP is considered a quality protocol with flexibility to support integrated voice & data communications SIP Trunk  Virtual voice channels (or paths) over an Internet Protocol (IP) network  One SIP trunk can support many direct inward dial (DID) extensions
SIP TRUNK
What is SBC? Session Border Controller A Session Border Controller (SBC) is a dedicated hardware device or application that governing calls on a VOIP network. It’s allowing only authorized session pass through the connecting point.
Which Reasons you need to SBC? Session Control Security Interoperability Demarcation Call admission control, routing, Billing, NAT Encryption, Authentication, Policy, Firewall , VoIP Fraud SIP -SIP,-1 H323-sip, DTMF relay and interworking, Voice Transcoding Fault Isolation, Topology Hiding, Session Border
Session Control  Check available Bandwidth  Call limit set  Policy
Session Control • Class 4 rouging: • Internal Routed database • Load share Database • Priority routing • Lest cost routing • Or custom routing • Radius AAA • Authentication, Authorization, • Accounting Billing and Routing
• Session troubleshooting • Live call analysis • Call test • Call recording • Live wireshark analysis Session Control
Block sip port trunk not registered Open port trunk registered and hacker make money SBC Protect The Attack SBC protect your traffic Security Demarcation
SBC Security Threat Protection Sip firewall IP firewall SBC Intrusion Detection Sip rate limit UDP Threats UDP Flood RTP Threats RTP spoofing SIP Threats SIP Invite spoof IP Threat IP Spoofing ICMP Threat ICMP flood TCP Threat Scan attack– TCP port Log or block failed sip request Block service Allow service SBC has been pre- configured with a set of known attacks Prevent DOS type attack If limit cross Dynamic block IP
Firewalls Comparison SBCs vs. Firewalls • Back-to-back user agent • Fully state-aware at  layers 2-7  Inspects and modifies any application layer header info (SIP, SDP, etc.)  Can terminate, initiate,  re-initiate signaling & SDP  Static & dynamic ACLs • Maintains single session • Fully state-aware at  layers 3 & 4 only  Inspects and modifies only application layer addresses (SIP, SDP, etc.)  Unable to terminate, initiate, re- initiate signaling & SDP  Static ACLs only SBC
SBCE AdvancedFirewall IP-PBXIDS / IPS Layer 3 attack Layer 4 attack SBCE Standard OS attack Application attack SIP protocol fuzzing SIP denial of service/distributed denial of service SIP spoofing SIP advanced toll fraud (call walking, stealth attacks) Media Replication Signaling/Media Encryption Segment of VoIP Security
SBC interoperability Connect every call Connect every call 1. Connect sessions even with miasmas 2. Less route retries call ASR increase 3. Connect session even no common codec 4. Establish more calls to improve ASR
SBC Demarcation Demarcation 1. Fault Isolation and dynamic black list 2. Topology hiding
SBC Cover your business size ? High capacity up to 60000 current session handle with media RTP Swift handle inbound and out bound call Minimize delay on call setup Reduce call drop
Telephony Service Provider Future Diagram
SBC: Do I really need it?
Thank You

More Related Content

SBC: Do I really need it?

  • 1. SBC: Do I really need it? Prepared by: Md. Abul Bashar Azad abazad@office.bdcom.com
  • 2. Bangladesh Safe home for foreign VOIP frauds RAB arrested 37 Chinese and Taiwnese nationals and seize (Dhaka tribune 2014 ) BTRC asks telcos to check call spoofing (prothomalo 2016) BTRC alerts mobile users to frauds (https://www.thedailystar.net 2016) bKash fraud gang members run amok (Observerbd.com 2018) Challenge in Telecom industry? FBI finds Philippine hackers Compromised AT&T network and used their phone systems to call others long distance phone number. AT&T losses of up to $2.0 million (November 2011) Massive DDoS attacks a growing threat to a VoIP service. It crashes TelePacific VoIP system. Average 34 million SIP traffic VoIP connections requests in 1 day and flooding their systems (March 2011)
  • 3. IP-Telephony Service scenario in Bangladesh Who is used 1.Indevisual person 2. Bank and financial institute 3. University 4. Airline industry 5.Ecommarce site 6. others 24 active IPTSP (Sipix.bdix.net) Technology used 1. IP Phone 2. Callcenter 3. IP-PABX 4. Hosted service
  • 4. Fact of VOIP business According to the Global Loss Survey 2013 of the communications Fraud Control Association (CFCA) Through illegal voice over internet protocol (VOIP) Bangladesh government yearly losses tk130 billion revenue annually (dailyasianage.com 2017) The global telecom industry annual losses of $46.3 Billion due to toll fraud
  • 5. Abuse Methods in telecom industry 12.00% 10.00% 10.00% 7.00% 6.00% 0.00% 2.00% 4.00% 6.00% 8.00% 10.00% 12.00% 14.00% PBX Hacking Subscription Fraud VoIP Hacking Dealer Fraud Identity Theft Top 5 Emerging Fraud Methods Communications Fraud Control Association survey report
  • 6. So Security is utterly eminent indispensable
  • 7. What is sip trunk? Session Initiation Protocol (SIP)  Controls multimedia communication sessions such as voice, instant messaging, video, etc.  Many types of devices - computers, phones, video equipment, etc. - can exchange data over SIP  SIP is considered a quality protocol with flexibility to support integrated voice & data communications SIP Trunk  Virtual voice channels (or paths) over an Internet Protocol (IP) network  One SIP trunk can support many direct inward dial (DID) extensions
  • 9. What is SBC? Session Border Controller A Session Border Controller (SBC) is a dedicated hardware device or application that governing calls on a VOIP network. It’s allowing only authorized session pass through the connecting point.
  • 10. Which Reasons you need to SBC? Session Control Security Interoperability Demarcation Call admission control, routing, Billing, NAT Encryption, Authentication, Policy, Firewall , VoIP Fraud SIP -SIP,-1 H323-sip, DTMF relay and interworking, Voice Transcoding Fault Isolation, Topology Hiding, Session Border
  • 11. Session Control  Check available Bandwidth  Call limit set  Policy
  • 12. Session Control • Class 4 rouging: • Internal Routed database • Load share Database • Priority routing • Lest cost routing • Or custom routing • Radius AAA • Authentication, Authorization, • Accounting Billing and Routing
  • 13. • Session troubleshooting • Live call analysis • Call test • Call recording • Live wireshark analysis Session Control
  • 14. Block sip port trunk not registered Open port trunk registered and hacker make money SBC Protect The Attack SBC protect your traffic Security Demarcation
  • 15. SBC Security Threat Protection Sip firewall IP firewall SBC Intrusion Detection Sip rate limit UDP Threats UDP Flood RTP Threats RTP spoofing SIP Threats SIP Invite spoof IP Threat IP Spoofing ICMP Threat ICMP flood TCP Threat Scan attack– TCP port Log or block failed sip request Block service Allow service SBC has been pre- configured with a set of known attacks Prevent DOS type attack If limit cross Dynamic block IP
  • 16. Firewalls Comparison SBCs vs. Firewalls • Back-to-back user agent • Fully state-aware at  layers 2-7  Inspects and modifies any application layer header info (SIP, SDP, etc.)  Can terminate, initiate,  re-initiate signaling & SDP  Static & dynamic ACLs • Maintains single session • Fully state-aware at  layers 3 & 4 only  Inspects and modifies only application layer addresses (SIP, SDP, etc.)  Unable to terminate, initiate, re- initiate signaling & SDP  Static ACLs only SBC
  • 17. SBCE AdvancedFirewall IP-PBXIDS / IPS Layer 3 attack Layer 4 attack SBCE Standard OS attack Application attack SIP protocol fuzzing SIP denial of service/distributed denial of service SIP spoofing SIP advanced toll fraud (call walking, stealth attacks) Media Replication Signaling/Media Encryption Segment of VoIP Security
  • 18. SBC interoperability Connect every call Connect every call 1. Connect sessions even with miasmas 2. Less route retries call ASR increase 3. Connect session even no common codec 4. Establish more calls to improve ASR
  • 19. SBC Demarcation Demarcation 1. Fault Isolation and dynamic black list 2. Topology hiding
  • 20. SBC Cover your business size ? High capacity up to 60000 current session handle with media RTP Swift handle inbound and out bound call Minimize delay on call setup Reduce call drop
  • 21. Telephony Service Provider Future Diagram