“SIP用例”的版本间的差异

来自最权威最新完整开源SIP,语音通信,融合通信中文技术文档资料,提供详细的Asterisk Freepbx, FreeSBC, 免费会话边界控制器,网关,语音板卡,IPPBX,SBC配置资料-asterisk,freepbx,freesbc 用户手册 界面配置,呼叫路由,IVR, 网关对接,拨号规则,SIP 分机呼叫,pjsip, IVR, 录音, CDR, 队列呼叫,振铃组,CLI 命令中文资料手册
跳转至: 导航搜索
(创建页面,内容为“'''SBC usecase overview''' * [ Why SBC] ** [ Real Time IP Communications are Complex] ** [ Security and Fraud] ** [ Standard Firewalls are not enough] * [ Ent...”)
(没有差异)

2015年11月11日 (三) 21:50的版本

SBC usecase overview

  • [ Why SBC]
    • [ Real Time IP Communications are Complex]
    • [ Security and Fraud]
    • [ Standard Firewalls are not enough]
  • [ Enterprise Security Threats]
    • [ Denial of Services]
    • [ Theft of service / Fraud]
    • [ BYOD]
  • [ Firewall is not enough]

 


 

Sangoma SBC acts as the interface between 2 SIP networks:

  • Solve firewall and NAT issues
  • Normalize and fix SIP messaging
  • Register with SIPtrunking provider
  • Hide Network Topology
  • Secure SIP and Voice (TLS, SRTP)
  • Codec Conversion (Transcoding)

 

Why SBC

Real Time IP Communications are Complex

  • Sessions initiated from inside or outside firewalls – NAT
  • QOS is needed to provide voice quality over internet
  • Interoperability problem between vendors

Security and Fraud

  • State full session security
  • Media security and encryption
  • Session Limits: call per second, max calls per user
  • Intrusion detection and prevention

Standard Firewalls are not enough

  • Unlike firewalls SBC maintains session state
  • SBC opens pin holes for ports associated with the session
  • The firewall will close and reopen different port numbers breaking the session
  • SBC inspects, controls and manipulates all network layers: 2 to 7
  • The firewall only works on layer: 2 to 4 (IP/TCP)

Enterprise Security Threats

Denial of Services

  • Call/registrationoverlaod
  • Malformed messages (fuzzing)
  • Configuration errors
  • Mis-configured devices
  • Operator and applicatoin errors

 

Theft of service / Fraud

  • Unauthorized users
  • Unauthorized media types

BYOD

  • Smartphones running unauthorized apps
  • Viruses and Malware  attacks your VoIP network

Firewall is not enough

Traditional firewalls cannot:

  • Prevent SIP-specific overload / SIP DOS
  • Open/Close RTP media ports in sync with SIP signaling
  • Track session state and provide uninterrupted service
  • Perform inter-networking  or security on encrypted sessions
  • Solve multi-vendor SIP interoperability
  • Topology Hiding

 

SBC do all of the above.