Solved

what are session border controllers

Posted on 2014-12-08
3
131 Views
Last Modified: 2014-12-15
Hi,
I was reading about sip and rtp. But couldnt understand what a session border controller is. How they help in solving rtp firewall issue.
Also i read that they protect network from dos (denial of service attack) . whats a dos and how does sbc help prevent them

Thanks
0
Comment
Question by:Rohit Bajaj
  • 2
3 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40486846
Different vendors define SBCs differently, and not all have the same features.

But in general, one thing all SBCs have in common is that they sit at a network's edge (hence "border"), can read inside SIP packets and understand the SIP protocol...not just the port but actual SIP messages (hence "session"), and can modify IP addresses within the message, open ports dynamically as necessary for audio or video (such as those needed for RTP streams), close ports after a session ends, and filter unwanted SIP messages from ever reaching the SIP endpoint (hence "controller.")  

Some offer denial-of-service protection, QoS, and other advanced features, but not all SBCs do so. Some are written specifically for SIP while others can operate as a more generic firewall and/or router, but have SIP specific functionality. As I said, each vendor is different in this regard.

-Cliff
0
 

Author Comment

by:Rohit Bajaj
ID: 40487564
Hi
What exactly is a dos and qos?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40487880
DoS is the acronym for "denial of service."  That is *exactly* what it sounds like.  ANYTHING that denies service is a DoS attack. If I have a very fast internet connection and you have a very small one, I can literally just throw enough data at you that...unless you call your ISP and get them to block me at their end...I saturate your connection. That is one type of DoS.  Another type is if I see you are running apache and I know of a bug that can make your server crash. I am not flooding your network connection at all. I am just exploiting a bug with almost no data at all. But your server crashes and your service is now denied.

A DoS attack can take many many forms. There is no single quick answer here. But if an attacker can prevent you from getting service, or if they can block you from providing service, then it is...by definition...a DoS attack. And nobody is 100% immune. Just look at the recent Sony PlayStation and Xbox Live outages that the Lizard hacker group has claimed responsibility for. Those were (presumably) DoS attacks.

QoS stands for Quality of Service. And that usually comes in if you have a smaller pipe and want to make sure phone call traffic takes higher precedence than web browsing. Or if you  want to make sure any call to or from the boss's phone number takes precedence over other numbers. QoS is implemented a variety of ways, but it all boils down to a set of rules to decide whether a packet gets passed along or dropped in the event of conjestion...hence ensuring "quality" of the higher priority services.

-Cliff
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Hey there Heard about jingle, the add on for XMPP that enables point to point audio between two XMPP clients. No server config necessary. Actually quite a cool feature. However, how good is it if you can not use those voice capabilities to do a P…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now