A Session Border Controller or SBC is a device that is deployed in SIP-based VoIP networks to protect and regulate communication sessions. In the early days of SBC, it was focused on the borders between service provider networks and controlling VoIP systems. Its role has expanded to regulating all forms of real-time communications, like video, text and other media.
Whether you’re a big corporation or a small business, an SBC is a vital element that’s recommended when using VoIP and SIP systems, to ensure network security and efficiency.
To understand what an SBC is and does, it’s best to break the terminology down into simple terms.
A ‘session’ refers to communication between two parties, typically a phone call. Each call is made up of two streams. The first stream consists of one or more signaling message exchanges that controls the call. The other is made up of one or more call media streams that carries the audio, video and data within the call, along with other information, statistics and quality of the exchange. Together, these streams make up a ‘session’. The SBC controls and supports the data flows of each call session.
A ‘border’ is the boundary between one part of a network and the other. The border allows information, calls and other media to flow from the internet into a network, while upholding security and filtering regulations. The SBC’s job is to assist with managing the flow of data across these borders.
Finally, a ‘controller’ is the part of the SBC that controls and influences data streams and sessions as they travel across borders and from one part of a network to another.
In simple terms, the SBC controls and regulates any form of communication that comes from the internet or an outside connection into your personal network.
The main reason Session Border Controllers are used within businesses is for security. SBC protects against hacking, cyber-attacks and any bad influence from outside the network. The SBC is essentially a more efficient and secure firewall. Where a firewall is in place for most general systems and networks, an SBC is specifically designed to protect your personal network. The SBC also encrypts data, signaling and media, preventing outside influences from monitoring your information and activity.
SBCs allow different parts of a network to communicate and share data with each other. An example of how SBCs do this is through SIP normalisation. A key role of an SBC is to mediate SIP communication between different devices, systems or gateways that use or ‘speak’ SIP differently. The SBC modifies (or normalises) and translates SIP signaling and messaging so everything is properly communicated.
The SBC implements the Quality of Service or QoS policy, that measures the performance of a service or network. The SBC regulates and prioritises rate limiting, traffic policing, call admission control and data flows that come into or go out of the network.
The newer version of the SBC regulates real-time communications, particularly media services. This includes supporting voice and video calls, data and fax interworking and media transcoding. Media transcoding is where the SBC translates between different codecs. Essentially, codecs convert voice and video signals for digital transmission. The SBC can translate these through transcoding, resulting in better sound quality and reducing network bandwidths. This in turn results in a better call experience for your colleagues and clients.
One increasingly common use for SBCs is in Direct Routing. which connects Microsoft Teams to the PTSN, or the Public Service Telephone Network. Not sure what Microsoft Teams is? It’s an internal communications tool from Microsoft which provides you with instant messenger, app integrations and document management.
Direct Routing uses a combination of SIP Trunking and SBC to connect the Teams system so it can be used as an official business phone system. This allows you to take advantage of cheaper call rates, better support and full flexibility to choose your own telephony provider.
Ultimately, SBCs are for anyone who uses IP technology, especially if you’re using SIP. We recommend any business, however big or small, that is installing phone systems to get an SBC.
As SBCs control the flow of data that comes in and out of networks, they can also limit the amount of data that is exchanged at one time, if you’re experiencing high call traffic. SBCs have speed limiting capabilities if too many calls are coming in or going out at the same time. For example, if there has been a recent power outage and your system is just coming back online, you may be bombarded with calls because of the time you’ve been offline.
The SBC handles congestion, where it slows your responses and incoming call flow, by forming your calls in a queue. It also decides a maximum number of inbound and outbound calls, to limit the amount of traffic at one time.
A firewall is a network security device that prevents unauthorised access to or from a private network and monitors incoming and outgoing traffic, based on security rules. Where a firewall differs from an SBC is how much it covers.
A firewall is focused on monitoring and controlling data from networks to networks, whereas an SBC can do this on a wider scale and through telephony systems, like SIP and VoIP. Firewalls have limited awareness to SIP signalling and programs, however an SBC is more sensitive to telephony systems and can translate and scan them. Simply put, a firewall is for more general network use and protection and an SBC is more developed and tailored to VoIP systems.
Yes and no. For added protection and better integration with VoIP systems, it’s best to have both a firewall and an SBC. Depending on how big your organisation is and if you use VoIP and SIP systems on a regular basis, SBC is essential and will provide extra protection alongside a firewall. However, if VoIP and SIP aren’t part of your everyday, you can get by with only using a firewall.
SBCs are used in select VoIP networks so if you have a VoIP system, chances are you already have an SBC. SBCs are often installed at a point between one part of a network and another and will be installed by your VoIP provider.