In the VoIP communication system, SBC is vital to NAT transversal on media and it enhances the security of the entire VOIP communication system.
The reason why enterprises prefer to build IP communication system by themselves is that they want to acquire the flexible of implement and business development. For example, long-distance access and mobile working could be realized via the broadband network. However, the security risks are hidden in the IP communication system which has flexible and rich business.
When the communication system access the IP telephone terminal via external Internet, it most likely to become a virus spread, DoS / DDoS attacks, illegal users to counterfeit the launch and access points.In addition to the traditional VPN, firewall, IPS, IDS and so on, SBC can be an effective means to enhance the security of IP communications system.
Hide the topology of the core network and the internal network
SBC acts as a proxy between user terminals and core devices such as IP-PBX, softswitch., and provides security for real-time sessions. External terminal equipments access to the core network and the core network topology is not visible to the terminal via SBC. So it effectively hides the core network and the internal network of the enterprise topology, to prevent its attack, improves the security of the entire network architecture.
User registration and IP address binding
The user information (user name, calling number and domain name) and IP addresses can be bound by SBC so that the users can register and prevent the terminal from roaming according to the binding rule when the user registers. The user registration address can also be handed over to the core control equipments, the core control equipments to determine whether to allow users to register.
The firewall function could be provided by SBC
SBC provides a session-based dynamic firewall function, supports time-based ACLs, and flexible configuration of ACL rule effective time. It also provides a blacklist function, which is quickly filtered the original IP address of the packet, which shields the packets sent by the specific IP address of the blacklist entry to prevent illegal intrusion.
Signaling DoS Attack Prevention
SBC provides anti-signaling message DoS attack function, in the event of signaling packets DoS attacks can still guarantee the maximum use of normal users, but also to prevent false source IP address signaling packets DoS attacks and prevent IP address fixed of the signaling message DoS attack, you can directly discard the bad signaling messages, reduce the pressure on the soft exchange processing. To protect the entire VoIP communication system stable operation.
SYnway SBC500, an organic component of communication solution, often is implemented as connection point between internal and external networks, being used for bridging IP-based multimedia transmission among different IP network and ensuring communication security in networks of enterprises, services providers and carriers.
Basic Features and Functions
QOS/ TOS/DSCP setting
Support IPV4、IPV6 and VPN
Transmission speed limit
Redundancy and Backup