eBooks, Guides, & Reports • 9 MIN READ

A complete guide to Session Border Controllers

IR Media

Written by IR Media

info@ir.com

In the rapidly advancing world of real-time communication, organizations no longer rely only on voice calls as their primary form of communication. Now, there are many components to the Unified Communication and Collaboration (UCC) ecosystems. These include video conferencing, desktop sharing, instant messaging, presence management and team collaboration.

All these elements working together flawlessly requires a signalling protocol, called Session Initiation Protocol (SIP). SIP initiates and terminates a communication session, which could be a video conference between a team, or a voice call between two people. It does this by sending messages in the form of data packets between two or more IP endpoints, or SIP addresses.

SIP identifies the presence of the other parties, establishes the connection, and closes it when the session is finished, but has no control over what happens during the connection.

While SIP is a powerful and integral part of real-time communications, there are challenges including the implementation between various vendors, and security issues involved when moving data across the internet, and this is where Session Border Controllers (SBCs) come in.

What is a session border controller used for?

An SBC is deployed at the network perimeter - or border - to control and secure an SIP by admitting (or denying), then directing communications between multiple parties and devices.

Session border controllers are designed to control communication that navigates through an organization or service provider IP network. A session border controller also handles all the signalling and media functions required to make SIP work seamlessly.

How a session border controller works

The main functions of a session border controller are to manipulate IP communications signaling and media streams. SBCs provide a variety of functions including:

Security

  • protection against Denial of Service (DoS) and Distributed DoS (DDoS) attacks
  • safety against toll fraud and service theft
  • media and signalling encryption to maintain privacy and protection against impersonation or tampering with a session.

Interoperability between multivendor - A session border controller normalizes signalling stream headers and messages to moderate any multivendor incompatibilities.

Protocol interworking – A session border controller enables interconnection between various different protocols and codecs, like SIP to H.323 – or g.711 to g.729.

Quality of Service (QoS) – A session border controller enforces call admission (or denial) policies, Type of Service (ToS) marking or rate limiting for service quality assurance.

Session Routing – A session border controller routes sessions across network interfaces, ensuring high availability or least cost routing.

Benefits of a session border controller

Not incorporating an SBC as part of a Unified Communications and Collaboration (UCC) infrastructure is an oversight that can leave systems open to security risks and cost an organization time and money. So here are some of the benefits:

Connectivity – A session border controller connects a company’s UCC platform to the internet, hosted Private Branch Exchange (PBX) service providers, and/or a private network. SBCs can be used to route phone traffic through internal IPs rather than traditional circuit phone networks, so calls are routed much faster, alleviating the need for traditional, individual phone lines.

Quality – A session border controller improves call quality and enhances ease of use. The PBX can be located on the LAN with a private IP address. An SBC normalizes hosted PBX signalling between the PBX and the service provider, providing signification routing capabilities.

Interoperability & Consistency- Integration of a session border controller can help with quality consistency, alleviating missed or dropped calls, poor call quality, or both. SBCs also ensure interoperability of VoIP and video devices, testing VoIP lines, monitoring call quality, and more.

Mitigation – Session border controllers use pattern analysis to flag unusual activity. This could include the unusual surge of traffic during a DoS attack, where an overwhelming amount of traffic from a single IP address or a number of machines are simultaneously trying to make requests from the same server. A DoS attack can cause serious downtime and bring an entire network to it knees. As DoS attacks are often accompanied by malware, when an SBC mitigates a DoS attack it also ensures critical protection from dangerous malware.

Safety – Once a session border controller identifies a potential threat, it can rapidly block the problem, notify the Central Processing Unit (CPU) of the details and implement the protocols to counteract it. An SBC can even notify a business’s other locations of the threat, to warn of similar breaches.

Security – Hackers are continually evolving their attempts to breach security measures. SBC vendors provide an extra layer of protection by renewing their protocols just as regularly with patches and updates to keep UC systems safe.

Session border controller features and functionality

A session border controller does much more than control security. There are several other features and functions, including:

Normalizing Session Initiation Protocol (SIP) – As we’ve already learned, SIP is the primary protocol that establishes and finishes connections between two endpoints. While SIP is a communications standard implemented by the Internet Engineering Task Force (IETF), actual implementations are left up to individual engineers and vendors. This results in systems often lacking interoperability, or using different ‘dialects’ – in other words, they don’t communicate with one another. A session border controller detects and normalizes mismatching SIP dialects so that the call can continue seamlessly and without disruption.

Media transcoding – Another job of a session border controller is to transcode codecs. Codecs are the encode/decode algorithms that compress voice and video streaming signals across a UC network. Low and high bandwidth video and voice codecs work differently on computers and tablets, dedicated VoIP phones and mobile smartphones. So if an organization’s PBX switch supports one specific codec, and an incoming call is using a different codec, an SBC will understand both codecs. In real time and in both directions, an SBC will transcode between the two codec types as the call passes through it.

Bandwidth restrictions – Calls made outside of 4G or even 3G coverage – or limited WiFi connections can be of poor quality. There are codecs available that can compromise by trading fidelity and audio/video quality for greater compression, therefore using less bandwidth. An SBC sitting between networks recognizes this situation and transcodes to and from lower bandwidth codecs when necessary.

Premises-based/outsourced SBC or SBCaaS?

To decide which option is most suitable for any organization depends on the company’s philosophy on in-house management, outsourcing and use of cloud services.

Session border controller on premises/outsourced

Where the SBC remains onsite, a company may choose to have it installed and managed by IT teams in house. However, this option may overload busy IT staff, require additional hardware, and prevent them from focusing on more strategic endeavours. Outsourcing to a service provider can be an option. Increasingly however, providers are moving towards the virtual SBC model, where they can handle it from their cloud environment.

Session Border Controllers as a Service (SBCaaS)

As many companies are choosing the option of having less hardware to manage on premises, SBCaaS is a good fit for companies using more cloud-based services. It means that IT teams can utilize the benefits of virtualizing servers, storage and other infrastructure. Those benefits include faster deployment, higher utilization rates, ease of management and scalability, resulting in lower overall operating costs.

Session border controller trends

Global Session Border Controller (SBC) Market 2019 Industry Research Report is a professional and in-depth study on the current state of the global session border controller industry.

In recent months, we’re seeing remote working now becoming the norm rather than the exception, and the 3CX SBC is a popular High Availability (HA) clustering solution that creates a secure tunnel to connect remote IP phones to your PBX.

SBCs are mission-critical for enterprises and service providers. As such, you need to work with a vendor who has the experience and expertise to deliver a resilient, high availability solution with a low to zero failure rate. Whether you’re deploying an SBC as an appliance or in a virtual cloud solution, your SBC vendor needs to understand what you need for success. To find out more about SBCs and their role in your UC network, download Session Border Controller for Dummies.

Summary

The modern unified communications (UC) ecosystem is often comprised of complex, multi-vendor systems, and its efficient operation relies on the compatibility and communication between all the moving parts - including session border controllers.

Now that we’ve established that SBCs are one of the many elements that keep your unified communications environment working seamlessly, it’s important to add that monitoring and troubleshooting is vital for every element of your UCC infrastructure.

IR Prognosis provides end-to-end support and visibility across all SBCs and media gateways, including Cisco, AudioCodes SBC, Oracle SBC, Sonus SBC and more. Get the support you need to effectively monitor, troubleshoot and optimize SBCs, and deliver seamless, reliable and high-quality customer and remote working interactions.

Topics: Communications eBooks, Guides & Reports

Subscribe to our blog

Stay up to date with the latest
Communications, Payments and HP Nonstop
industry news and expert insights from IR.

We're committed to your privacy. IR uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our privacy policy.