Ask the SIP Trunk Expert

The Importance of E-SBCs

By Steven Johnson, President, Ingate Systems, Inc.  |  November 01, 2011

This article originally appeared in the Nov. 2011 issue of INTERNET TELEPHONY.

At ITEXPO (News - Alert) I participated in an engaging panel on the role of enterprise session border controllers in unified communications and SIP trunk deployments.

 E-SBCs sit at the edge of the enterprise network to provide control over the SIP traffic.  They serve as a crucial element in enabling SIP deployments for SIP trunking, UC and more.

In today’s environment, an E-SBC is often used to normalize the SIP signaling between the IP PBX (News - Alert) at the customer site and the service provider’s network.  Normalization allows what are commonly different implementations by the service provider and enterprise to communicate seamlessly. There is no need to conduct extensive trial and error to get the two systems to work together, with the E-SBC two networks can be connected in a matter of minutes. This also gives more choices to the enterprise when selecting a service provider, and permits the service provider to interact with more IP PBXs than would be possible otherwise.

E-SBCs resolve NAT traversal issues by securely permitting SIP signaling and related media to traverse the enterprise firewall. Without this function, most companies would have one-way audio only.

Additionally, an E-SBC will enable disaster recovery, rerouting SIP traffic to a secondary office to keep business up and running. The E-SBC can also shift traffic to alternate service providers, or load balance to multiple PBXs on the customer’s network.

Quality of service is another important role of the E-SBC, especially as high-bandwidth applications such as video become more popular.

On the security side E-SBCs are the first line of defense. They can provide authentication (which some IP PBXs do not natively support) and encryption. Deep packet inspection protects against buffer overflow attacks, denial of service attacks, sophisticated intrusions and a small percentage of worms that fit within a single packet.

Intrusion (News - Alert) detection/prevention detects DoS attacks based on SIP, and blocks malicious SIP signaling packets designed to attack certain SIP phones, servers or other devices on the LAN.

E-SBCs are an essential element in delivery SIP real-time communications to enterprises.  Whether the organization is using SIP for unified communications or only for voice, the benefits of the E-SBC are numerous.

Steven Johnson is President of Ingate Systems (News - Alert), Inc. To read more of Steven’s articles, please visit his columnist page.

Edited by Stefania Viscusi