In a new survey conducted by Sapio Research, 69 percent of U.S. businesses report having suffered a distributed denial of service (DDoS) attack in the past 12 months. These organizations believe the most likely motives for these attacks were malicious competitors (32 percent) closely followed by blackmail (30 percent). Only 24 percent of victims believe they were targeted at random.
Whatever the motivation, a DDoS attack can be devastating. In a DDoS attack, a network is flooded with so much traffic that legitimate users can’t access systems and data. Attacks have become more common and are increasingly larger, with many “mega attacks” attributed to massive botnets comprised of thousands of compromised Internet of Things (IoT) devices. In addition, DDoS-for-hire services allow cybercriminals to launch an attack for as little as $2 per hour.
Because voice and other collaboration services are delivered via an IP network, they can be impacted by a DDoS attack. Imagine being unable to communicate with your customers and partners during one of these extended attacks. That very real risk is why organizations should implement a session border controller (SBC).
An SBC is a piece of hardware or software that governs how phone calls, or “sessions,” are initiated, conducted and terminated on an IP phone system. It works much like a firewall does on a data network, sitting between the customer and the carrier network and allowing only authorized sessions to pass through the border. It also provides Quality of Service (QoS) functions, ensuring that calls go through properly and emergency calls get top priority.
An SBC can help boost security by using its QoS rules to identify incoming threats such as DDoS attacks and toll fraud. It also offers deep packet inspection, policy enforcement and other security functionality, providing more control than an application-layer firewall.
Multiprotocol label switching (MPLS) and virtual private networks (VPNs) reduce cybersecurity risk but an SBC is still an important addition to a unified communications (UC) system. This is especially true with today’s distributed and hybrid solutions, which may combine on-premises and cloud-based systems to support geographically dispersed users.
SBCs can also improve interoperability between IP phone systems and legacy analog and digital PBXs. This is important for organizations that take an incremental approach to UC migration, enabling legacy and IP systems to coexist during the transition. The SBC intercepts calls from the telecom provider and routes them to the appropriate system in a way that is seamless from the end-user’s perspective.
Generally, SBCs are deployed on both the customer and carrier side of the connection to improve security. SBCs on the customer side are known as enterprise SBCs (eSBCs), and they are increasingly being packaged as part of UC and contact center solutions.
Do you need an SBC? The answer depends upon the types of systems you need to connect and the level of security your organization requires. However, SBCs are becoming increasingly important due to the rise of DDoS attacks. Let IPC’s engineers help you determine if an SBC makes sense for your UC environment.