SBC vs. SIP Server – What is the difference?

by Alan Percy, Senior Director of Product Marketing at TelcoBridges

The question came early and often during our participation at Astricon 2018 in Orlando.  “What’s the difference between an SBC and a SIP Server like Kamailio or OpenSIPs?”   Reminding us that in our world of telecom jargon, sometimes we need to stop and explain what we are talking about.

Let’s step back for a moment to look at the big picture.  When deploying SIP-based applications like Asterisk or FreeSWITCH, at some point, there is a need to divide the call load amongst multiple servers (physical or virtual).  Possibly because of traffic or simply to hedge bets against outages from a server crash, spreading traffic across multiple physical servers is a wise strategy.  The next challenge is routing incoming traffic from one or more service providers to those SIP applications.  Both SIP servers and SBCs can route traffic based on a range of programmable criteria including: dialed number, originating number, randomly, round-robin, availability and more.

Both SIP Servers and SBCs can also handle some of the interoperability and security services, but this is where the differences start to be more apparent.

So, what is an SBC and how does it differ from a SIP Server like Kamailio or OpenSIPs?

The simplest explanation is – SIP Servers manipulate and route SIP messages, never touching the media path.   However, SBCs broker SIP messages and media, acting as an intermediary between two networks, applying complex manipulations, security and routing rules on both the signaling and media.

SIP Server Functional Architecture

SIP message and media brokering within an SBC is accomplished via a Back-to-Back User Agent (or B2BUA for short), essentially terminating the SIP session on one network and re-initiating a new session on another network.  This can be between a WAN and LAN, between two WANs or two LANs.   The most common use case for SBCs puts them in the DMZ, putting one side on the WAN and the other side on a private (and secure) LAN with SIP applications (Asterisk, FreeSWITCH or other) on the protected LAN.  In this role, the SBC protects and distributes the traffic load across the various SIP applications.

Session Border Controller Functional Architecture

Using a B2BUA is more resource intensive than a simple SIP Server, but this is balanced by the additional functionality and security provided.

Beyond greater control over security policies, SBC’s B2BUA capabilities have other benefits, including:

  • Real Topology Hiding – of both SIP messages and media, ensuring the internal network topology of your network is not exposed to the outside world.
  • DOS and DDOS Protection – Intelligent security that stops DOS attacks in their tracks before they can get into your network.
  • Registration Flood Detection and Protection – preventing “network probing” and attempts to overload Asterisk servers with bogus registration attempts.
  • Media conversion and transcoding
  • Advanced call routing and traffic management capabilities across multiple networks.
  • Multi-application support – distributing and adapting SIP traffic between dissimilar applications from different vendors.

Beyond that, there are many other reasons to use commercial SBCs like FreeSBC for scaling Asterisk and FreeSWITCH implementations:

  • Ease of configuration – with FreeSBC’s easy to use web portal, there are no cryptic script languages to learn!  Most configurations can be completed in a few minutes with a web browser.   Want to see how it’s done?  Take a tour of the web portal and learn how to configure FreeSBC for SIP Trunking on YouTube at:   https://youtu.be/GvfKSw1H6gU
  • Low cost subscription-based pricing that allows “pay as you grow” $1/session/year/server for FreeSBC Pro Edition
  • Carrier-grade – with scaling up to 60,000 sessions per server with 1+1 redundancy for High Availability
  • Platform choices – with versions for bare-metal, VMware, KVM and Amazon AWS
  • 24/7 Technical support availability
  • Regular software updates without having to wade through forum recommendations and Github branches

Understanding the difference between these two important network elements gives network designers the tools to build more efficient and secure solutions.

You can learn more by attending the upcoming webinar “What is an SBC?” at:  https://www2.telcobridges.com/WhatIsAnSBC

Download your free evaluation copy of FreeSBC TODAY at: www.FreeSBC.com

 

Battling Robocallers – Round 3

by Alan Percy, Senior Director of Product Marketing

This last month, a telemarketing firm hawking health insurance was fined $82 million for their role in 21 million illegal unsolicited robocalls.  Are the legal consequences enough to put an end to the nuisance calls?

As reported by the Washington Post, the Federal Communications Commission imposed an $82 million fine against a telemarketer who made more than 21 million unsolicited calls to consumers to try to sell health insurance and generate leads.

Despite this stiff penalty against one firm, the phones of Americans continue to ring with offers of bogus credit card protection offers, free vacations and fake IRS scams.

A root of the problem is the ease at which bulk phone calls can be made with spoofed caller-ID information, tricking unsuspecting victims to answer call they think are from friends or neighbors.  While there are legitimate reasons to substitute caller-ID information (Doctors office reminders, school notifications, etc) fraudulent abuse continues to be an industry-wide problem.

Meanwhile, progress is being made in the standards bodies with further refinement of the STIR/SHAKEN framework that will allow service providers to “certify” that the originating caller and communications service provider owns the rights to the calling number.

In August, the ATIS and SIP Forum announced the release of two key specifications needed to standardize the user experience and APIs needed for implementation of SHAKEN.  The first specification Technical Report on a Framework for Display of Verified Caller ID (ATIS-1000081) defines a standard user experience for calls from known callers, likely SPAM callers, suspect and potential fraudulent callers with color icons and information on screen-based devices.  The second specification Technical Report on SHAKEN API for a Centralized Signing and Signature Validation Server provides a proposed RESTful API for the implementation of the SHAKEN specification

This next couple weeks will see two industry speaking sessions addressing the issues, including:

Battling Robocallers – a Tutorial on STIR/SHAKEN presented by yours truly at Astricon in Orlando on Tuesday, October 9th at 10:00 AM

Comprehensive Approach to Illegal Robocalls presented by Eric Burger, CTO at the Federal Communications Commission at the Illinois Institute of Technology Real-Time Communications Conference on Tuesday October 16th at 9:00 AM

Later in December, the SIPNOC event has a dedicated Robocall Summit track specifically addressing the problem, including a number of industry thought leaders.

However, questions do remain on the timeframe and motivation of the service provider community as to when they plan to implement any or all of the recommendations, giving consumers a break from the fraudulent robocallers.

 

FreeSBC takes to the Cloud on AWS

by Alan D. Percy, Senior Director of Product Marketing

As a greater range of communications applications are migrating to the cloud, there is a greater need for affordable cloud-hosted session border controller network services.   To answer this need, TelcoBridges recently announced that the company’s FreeSBC session border controller software is now available on Amazon Web Services.   Offering feature-rich services comparable to native bare-metal installations and virtualized platforms, the AWS Amazon Machine Image (AMI), provides core network security, interoperability and media services for service providers and enterprises.

Across the industry, cloud-based communications is on a steady growth trend.  As application architects piece together their solutions using cloud-bases services, it makes sense to have an affordable SBC to provide security, interoperability and media services.

Greg Collins at Exact Ventures forecasts that by 2022 nearly 75% of all session border controller shipments will be cloud-based

Luc Morissette, Director of Customer Support at TelcoBridges will be joining me for a live webinar on Tuesday, September 25th to deliver an overview of the new FreeSBC on AWS offer, covering the capabilities, limitations and demonstrating the activation process.

During the webinar we explain the three distinct offerings, including:

  1. FreeSBC on AWS as a fully hosted offering – making testing and evaluation much easier for prospective customers, allowing evaluation without dedicating a VM or hardware servers.
  2. FreeSBC PRO-edition – offered as an Amazon Machine Image (AMI) with all the PRO-edition features and standard support for $1/session/year
  3. FreeSBC free-edition – offered as an Amazon Machine Image (AMI) without support

The session will wrap up by putting a spotlight on the many use cases, showing how hosted contact centers, hosted Unified Communications and traditional telephony services will benefit from cloud-based FreeSBC.

Register for the live event today at:  https://www2.telcobridges.com/FreeSBConAWS

For more information on FreeSBC, visit www.freesbc.com

Battling Robocallers – Round 2

By Alan Percy, Senior Director of Product Marketing, TelcoBridges

The battle to tame fraudulent robocalling made some significant advancements this week as the SIP Forum released two new technical reports.

If you’ve been following along, you know that fraudulent robocalling and caller-ID spoofing have become the tools-of-the-trade for criminals trying to trick unsuspecting victims into their scams.   (By now you’ve come to realize that you can’t trust the caller-ID on your phone.) The FCC and the CRTC have put deadlines in front of the carriers, requiring implementation of secure caller-ID technologies to prevent spoofing of caller-ID.

To address these requirements, the ATIS and SIP Forum announced this week the release of two key specifications needed to standardize the user experience and APIs needed for implementation of SHAKEN.


The first specification Technical Report on a Framework for Display of Verified Caller ID (ATIS-1000081) defines a standard user experience for calls from known callers, likely SPAM callers, suspect and potential fraudulent callers with color icons and information on screen-based devices.   The specification details the user experience study that went into the graphical images, providing data on real-world user responses and behaviors to the information displayed.

The second specification Technical Report on SHAKEN API for a Centralized Signing and Signature Validation Server provides a proposed RESTful API for the implementation of the SHAKEN specification, used to authenticate and verify caller-ID for network-based calls.  This recommendation is an alternative to the SIP-based mechanism as specified in the SHAKEN recommendations, as is currently used by a number of vendors, including TransNexus and TelcoBridges.

“These two new resources are critical to helping service providers implement SHAKEN,” said ATIS President and CEO Susan Miller. “They are products of ATIS’ continued collaboration with the SIP Forum and are instrumental to industry efforts to address the robocalling problem and maintain consumer trust in the voice network.”

“The SIP Forum is committed to working together with ATIS to continue to develop the operational documents for the SHAKEN Framework, and these two new reports provide important additional guidelines and details essential to the successful deployment of the SHAKEN standard,” said SIP Forum Chairman Richard Shockey.

In addition to the above announcement, we’ve made significant progress with TransNexus on their SHAKEN fraud prevention framework, recently posted detailed configuration notes on how to configure both FreeSBC and TransNexus OSPrey server and completed our bench testing milestones.

Looking ahead and demonstrating the level of interest on the topic, a dedicated track and session on Robocalling is scheduled for SIPNOC 2018.

To learn more about STIR/SHAKEN, view the recording of our Battling Robocallers webinar and/or sign-up for one of the TransNexus Discover SHAKEN events.

Caller-ID Spoofing – No, That’s Not Your Neighbor Calling

By Alan Percy, Senior Director of Product Marketing, TelcoBridges

The phone rings and the number looks familiar, just a few digits off from your own.  You wonder if a neighbor or possibly your child’s school calling, so you answer only to hear “Congratulations, you’ve been selected for a three night vacation package”   You’ve been tricked into answering by a Robocaller, using caller-ID spoofing.  Continue reading Caller-ID Spoofing – No, That’s Not Your Neighbor Calling

Fraud and Robocalls – More Than an Annoyance

By Alan Percy, Senior Director of Product Marketing, TelcoBridges

This last week, the NY Times Tara Siegel Bernard published an article explaining the trends of Robo calls and their scams are surging.  With the International Telecommunications Week (ITW) conference this week in Chicago, Tara’s timing couldn’t have been any better.

Continue reading Fraud and Robocalls – More Than an Annoyance

TelcoBridges and Jerasoft – Connecting at ITW 2018

by Alan Percy, Senior Director of Product Marketing

Leading communication service providers depend on cloud-based and virtualized software to deliver services to their customers.  Like building blocks in a building foundation, communications software products fit together, creating an inter-locking base for reliable and profitable services. During the upcoming ITW event in Chicago (May 6-9th), CSPs have an opportunity to see the latest innovations in software solutions and learn how the various communications system building blocks fit together.

Continue reading TelcoBridges and Jerasoft – Connecting at ITW 2018

Notes from EC18: Why is Everybody Talking About Teams?

by Alan Percy, Senior Director of Product Marketing for TelcoBridges

As I pack my bags and head home from Orlando and put another Enterprise Connect event behind me, I wondered why (more than ever) has one communications platform gained so much mindshare as Microsoft Teams did this week?

Continue reading Notes from EC18: Why is Everybody Talking About Teams?

FreeSBC – A New Approach to the SBC

by Alan Percy, Senior Director of Product Marketing

Wow – what a response! Thanks so much for participating in the event and our apologies for those that arrived to find the webinar platform at capacity. Your response far exceeded our expectations.

The webinar recording is now available for playback:

Click here to play the Webinar.

You can also view the slides on Slideshare.

You asked so many great questions – we’ve captured all your questions and posted them with answers on the FreeSBC FAQ Forum – take a look!

In addition, many of the common questions about compatibility and installation procedures can be found on the TelcoBridges FreeSBC Wiki.

Moving to the Cloud – What’s the Issue?

By Alan Percy, Senior Director of Product Marketing

Migrating communications applications to the cloud is much more than a technical challenge for service providers and enterprises. The challenge of the cloud is fundamentally based on a significant shift in business model.

Continue reading Moving to the Cloud – What’s the Issue?