查看“SIP用例”的源代码

'''SBC 用例介绍'''

Sangoma SBC 作为一个介于两个网络之间的接口:

* 解决防火墙和NAT问题
* 规范和修复SIP消息
* 通过运营商使用SIP中继注册
* 网络拓扑隐藏
* 提供对SIP和Voice(TLS,SRTP)安全保护
* 编码转换
http://wiki.freepbx.org/download/attachments/49578352/sbc-overview%5B1%5D.png


'''为什么使用SBC'''

'''实时IP通信越来越复杂'''

* SIP会话从内网或者外网发起，可能有NAT问题。
* QOS 是非常必要的
* 厂家之间的兼容性问题需要解决

'''Security and Fraud'''

* State full session security
* Media security and encryption
* Session Limits: call per second, max calls per user
* Intrusion detection and prevention

'''Standard Firewalls are not enough'''

* Unlike firewalls&nbsp;SBC&nbsp;maintains session state
* SBC&nbsp;opens pin holes for ports associated with the session
* The firewall will close and reopen different port numbers breaking the session
* SBC&nbsp;inspects, controls and manipulates all network layers: 2 to 7
* The firewall only works on layer: 2 to 4 (IP/TCP)

'''Enterprise Security Threats'''

'''Denial of Services'''

* Call/registrationoverlaod
* Malformed messages (fuzzing)
* Configuration errors
* Mis-configured devices
* Operator and applicatoin errors

&nbsp;

'''Theft of service / Fraud'''

* Unauthorized users
* Unauthorized media types

'''BYOD'''

* Smartphones running unauthorized apps
* Viruses and Malware &nbsp;attacks&nbsp;your VoIP network

'''Firewall&nbsp;is not enough'''

Traditional firewalls cannot:

* Prevent&nbsp;SIP-specific overload /&nbsp;SIP&nbsp;DOS
* Open/Close&nbsp;RTP&nbsp;media ports in sync with&nbsp;SIP&nbsp;signaling
* Track session state and provide uninterrupted service
* Perform&nbsp;inter-networking &nbsp;or security on encrypted sessions
* Solve multi-vendor&nbsp;SIP&nbsp;interoperability
* Topology Hiding

&nbsp;

SBC&nbsp;do all of the above.

&nbsp;

&nbsp;