Session Border Controllers – The Standard for VoIP Security

By Mac McCarver

In the Unified Communications (UC) market, you hear a lot about the future because Voice over IP (VoIP) is the direction communication is headed.

It wasn’t too long ago that the FCC was conducting experiments in rapidly transitioning entire communities from PSTN lines to VoIP telephone service. In 2016, the VoIP market was valued at almost $100 billion, but in 2024, it’s projected to approach almost $200 billion as more businesses adopt VoIP services. In other words, there are more people than ever before using VoIP telephone systems, and as more people adopt VoIP, the appeal to hackers of compromising these systems only grows.

IP networks transmit a lot of data, and data is currently the most valuable resource in the world. Luckily, there is protection against this threat: proper implementation of a session border controller (SBC).

What is a Session Border Controller?

To understand what a session border controller is, you first need to understand what a session is. In IP telephony, a session is the collection and transmission of packets of signal data and media streams. In a two-way conversation, there are two sessions: one for Alice and one for Bob. The border is the point where one network ends and the other begins, such as between your business’ Local Access Network (LAN) and the Internet. So when one session transmits packets of voice data, it leaves that phone system’s LAN and enters the global Internet before reaching the other party’s LAN.

What a session border controller does is sit at the border of these transmissions like a stalwart security guard and decide, based on many factors, how to route incoming data. This is why a session border controller is referred to as a back-to-back-user-agent (B2BUA); it intercepts all VoIP traffic and manages its transmission path in the PBX network.

This is essential. The flexibility and efficiency of transmitting communications over the Internet allow for a greater spectrum of possibility while also saving money. But being more accessible brings security issues that didn’t exist with the inefficient end-to-end network management found in the PSTN. And a session border controller addresses these new concerns, closing the window of opportunity for digital burglars.

Why Your Phone System Needs a Session Border Controller

As stated above, the most pressing need that a session border controller answers is network security. When a hacker is trying to co-opt a VoIP transmission to access the other party’s network, their efforts are foiled by the session border controller that terminates their stream with each packet and replicates it on the other side of the network border. This keeps information about the network, including topology, private.

But the network is not the only thing kept safe by a session border controller. It also protects the integrity of your outgoing voice data packets. Traditionally, encryption is done with software, such as Transport Layer Security (TLS) or Secure Real-Time Transport Protocol (SRTP). With a session border controller, encryption is performed on a hardware-level by the controller, freeing up server bandwidth and helping boost call quality.

Besides security, a session border controller can play a number of other roles to boost the performance of a phone system. One great example is fostering interoperability. A session border controller can ensure interoperability between different SIP codecs and equipment. This allows a system to utilize hardware from different vendors, saving money and making system scaling easier.

Find Out More about Session Border Controllers

This brief overview just scratches the surface of what a session border controller can do and why it would benefit your organization’s phone system. To learn more about the function of session border controllers with practical use case examples, download our free whitepaper!

Related Posts

No Comments Yet

Get the conversation started!

Add to the Discussion

Your email address will not be published. Required fields are marked *

About the Author

Mac McCarver

Mac McCarver is the Content Creation Manager at Digium. His chief responsibility in this role is the creation of engaging content for distribution on all of Digium’s platforms. He graduated with honors from the University of North Alabama with a BA in English Literature. For his efforts, he was selected for membership in Sigma Tau Delta, the international honor society for distinguished achievement in English language, literature, and writing.

See All of Mac's Articles