Firewalls, SIP Servers and SBC - What's the Differences?

•

0 likes•3 views

There are a lot of building blocks that make up a reliable and secure voice network. Firewalls, SIP Servers and Session Border Controllers each play an important, but different, role in facilitating a secure and reliable network. Join us as we take a closer look at each in a modern voice network, answering the questions: -What are they? -Why do I need them? -What do they do? -What do they not do? -Your questions Each of the series will be recorded and library of recordings made available to registrants. Who should view: Network architects at service providers and enterprises, networking consultants, analysts and decision-makers involved in acquiring network technology Download your FreeSBC software: www.freesbc.com Frequently Asked Questions at: forums.freesbc.com Other educational webinars at: freesbc.com/video-library

Technology

SIP Security
Firewalls, SIP Servers and SBCs
Explained
• December 2018
1

2
What are the Risks?
Extortion Intrusion Theft of Services

3
The Risk is Real
Hackers targeted the phone system at Bob
Foreman’s architecture firm in Georgia,
making $166,000 in calls in a weekend.
Credit: Tami Chappell for The New York Times

4
Today’s Presenters:
Alan D Percy
Senior Director of Product Marketing
alan.percy@telcobridges.com
Luc Morissette
Director of Technical Support
luc.morissette@telcobridges.com

5
Agenda
Firewalls, SIP Servers and SBCs
• What are they?
• Why do I need them?
• What do they do?
• What do they NOT do?
• Where to learn more?

6
The Right Tool …
“Every tool is a
weapon if you
hold it right”
- Ani DeFranco

7
Just a little SIP
SIP is the foundation of the
new voice network…but:
• Specification is “loose” with
interoperability issues
• Separates call control
signaling from media
• “Chatty Cathy”
• Asynchronous
• “Stateful” By Korolev Alexandr
RFC 3261

8
OSI Model
Application SIP User Agent
Presentation G.711, G.729…
Session SIP
Transport TCP, UDP, RTP
Network IP, ICMP
Data Link Ethernet, 802.11
Physical CAT5, 2.4GHz
Network Switches
Firewall
/ Router
Session Border
Controllers SIP
Servers

9
Function of a Firewall
Internet
LAN
WAN
34.x.x.x
192.168.1.2 192.168.1.3 192.168.1.4
Trusted Network
Untrusted Network

10
Firewall Functions
 Packet Filtering – Layer 2-4
Tracking and passing “good” traffic
 Blocking “unsolicited” traffic
 Pinhole Management
 Packet Forwarding
 NAT – Network Address Translation
 DHCP – Assigning IP addresses to devices

Header Manipulation
Routing Engine
Media
SIP
Session
s
Public
WAN
34.0.0.
1
SIP Server
SIP
Application
s
34.0.0.X
SIP Server Architecture

12
SIP Server Functions
SIP Proxy/Router
SIP Header Manipulation
SIP Routing / Load Balancing
Script-based configuration
 No B2BUA
Exposes network topology
 No Media Handling

What is a SBC?
Local Area
Network
Network
Border
Wide Area
Network SBC
• Anywhere two SIP networks intersect
• Software-based “Network Function”
• Most often between a WAN and a LAN
SIP SIP

Routing Engine
Media
Media
Engine
SIP
Session
s
B2BUA
UAS UAC
Private LAN
192.168.0.X
Public WAN
34.0.0.1
Session Border Controller
SIP
Applicatio
ns
Session Border Controller Architecture

15
Firewall / SBC Deployment Models
SBC Behind the Firewall
LAN
WAN
34.1.1.1
192.168.1.2
192.168.1.4
Trusted Network
Untrusted Network SBC
Internet
Call Servers

16
Firewall / SBC Deployment Models
SBC Beside the Firewall
LAN
WAN
34.1.1.1
192.168.1.2
192.168.1.4
Trusted Network
Untrusted Network
SBC
Internet
Call Servers
34.1.1.2

17
Use Case – Hosted IP-PBX/UC
Tasks:
 Security – DDOS & Topology Hiding
 Registration/Subscription Forwarding
 NAT Traversal
IP-PBX / UC / Contact Center with Local & Remote Users
Asterisk
Work-at-home users
SBC

18
Comparison Summary
Function Firewall SIP Server SBC
Layer 2-4 Packet Filtering   
Router / NAT / DHCP   
Prevent DOS / DDOS Attacks   
SIP Header Manipulation / Interoperability  
SIP Routing  
Toll Fraud Protection  
Topology Hiding 
Block Robocallers (STIR/SHAKEN) 
QOS Measurement / Reporting 
Media Transcoding / Transcryption 
Prevent Media DDOS Attacks 

19
Introducing…
Learn more at: www.FreeSBC.com

20
Congratulations!
You now know
enough to be
dangerous!
How do you continue
your knowledge?

21
Q&A
Download your FreeSBC software:
www.freesbc.com
Frequently Asked Questions at:
forums.freesbc.com
Other educational webinars at:
freesbc.com/video-library
Q/A?

Similar to Firewalls, SIP Servers and SBC - What's the Differences?

F5 Infosec Israel 2013 Application Centric Security

Tzoori Tamam

As presented at ITExpo 2017 and the April Peerlyst Tel-Aviv security Meetup. Can your company afford to ignore VoIP security? With the number of attacks on your telephone services and mobile devices your chance of being attacked and financial liability is at an all time high. This session offers an introductory primer to securing your VoIP PBX. This talk will include explanations about common attacks, how they can find you, and common techniques you can use to defend your company.

VoIP Security 101 what you need to know

Eric Klein

Avaya Aura® Session Border Controller, powered by Acme Packet, secures the IP border for the real time interactive communications that flow outside your internal network. With Avaya Aura® Session Border Controller, your Unified Communications and Contact Center Solutions can securely leverage SIP, while simultaneously extending the power of the Avaya Aura® architecture throughout your enterprise to realize the true benefits of open standards.

Why Do I Need an SBC

PacketBase, Inc.

Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as call centre, internal communication, cloud communication and video conference platform. These services are based on the VoIP and instant messaging protocols, and support multiple client types such as Microsoft Office 365, Microsoft Lync, Skype for Business, IP phones and teleconference devices. Also the official clients are available for mobile devices (e.g. Windows phone, Android and iOS), desktops (Mac, Linux and Windows) and web applications developed with .NET framework. Although the Microsoft Lync platform has been developed along with the new technologies, it still suffers from old VoIP, teleconference and platform issues. Modern VoIP attacks can be used to attack Microsoft Lync environments to obtain unauthorised access to the infrastructure. Open MS Lync frontend and edge servers, insecure federation security design, lack of encryption, insufficient defence for VoIP attacks and insecure compatibility options may allow attackers to hijack enterprise communications. The enterprise users and employees are also the next generation targets for these attackers. They can attack client soft phones and handsets using the broken communication, invalid protocol options and malicious messaging content to compromise sensitive business assets. These attacks may lead to privacy violations, legal issues, call/toll fraud and intelligence collection. Attack vectors and practical threats against the Microsoft Lync ecosystem will be presented with newly published vulnerabilities and Microsoft Lync testing modules of the Viproy VoIP kit developed by the speaker. This will be accompanied by live demonstrations against a test environment. • A brief introduction to Microsoft Lync ecosystem • Security requirements, design vulnerabilities and priorities • Modern threats against commercial Microsoft Lync services • Demonstration of new attack vectors against target test platform

VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)

Fatih Ozavci

Expocomm VoIP Presentation

diego gosmar

Offre revendeurs UC

Rachid ZINE

SIPfoundry CoLab 2013 - Solving the Bring Your Own Device BYOD problem with o...

SIPfoundry

why-your-network-needs-an-sbc-guide.pdf

tardis2

AudioCodes Session Border Controller Update

John D'Annunzio

This presentation dives into where Session Initiation Protocol (SIP) and eXtensible Messaging and Presence Protocol (XMPP) are used on Linux platforms, and ultimately why SIP is the best thing to hit our communications infrastructure since the Central Office (CO). I'll discuss DNS SRV in bind to enable SIP calls via domain lookups of User Resource Identifiers (URI). I'll also go over Linux desktop and Android clients that can register to varios call control platforms.

LinuxCon North America: SIPPing from the Open Source Well

Matt Bynum

IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014

Brian Knopf

The Voice over Internet Protocol (VoIP). The VoIP is relatively new and is gaining more and more popularity as it offers a wide range of features and is much more cost effective as compared to the traditional PSTN. But the VoIP brings with it certain security threats which need to be resolved in order to make it a more reliable source of communication. Session Initiation Protocol (SIP) today is considered the standard protocol for multimedia signaling, and the result is a very generic protocol. SIP is specified by the IETF in RFC 3261. From a structural and functional perspective, SIP is application layer signaling text-based protocol used for creating, modifying, and terminating multimedia communications sessions among Internet endpoints. Unfortunately, SIP-based application services can suffer from various security threats as Denial of Service (DoS). attacks on a SIP based VoIP infrastructure that can severely compromise its reliability. In contrast, little work is done to analyze the robustness and reliability of SIP severs under DoS attacks. In this survey, we are discussing the DoS flooding attack on SIP server. Firstly, we present a brief overview about the SIP protocol. Then, security attacks related to SIP protocol. After that, detection techniques of SIP flooding attack and various exploited resources due to attack were discussed and finally the paper reviews previous work done on SIP based DoS attacks.

Review of SIP based DoS attacks

Editor IJCATR

Microsoft Unified Communications Summit

Concurrency, Inc.

We'll hear from a few local industry experts on the war stories, design considerations and best practices of NAC (Network Admission Control / 802.1x ) deployments. Each lightning talk will feature different point of views and vendors. After the talks, we'll host a Q/A panel with questions from our audience. Please come with some questions! Feel free to enter them in the RSVP or post on the meetup page. Talks and Q/A panel will be done by: Kyeyeon Kim, Andy Richter, Josh Trivilino

BOSNOG NAC stack 2018

GENIANS, INC.

OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar

Santhosh Kumar

IoTNEXT 2016 - SafeNation Track

Priyanka Aash

WiFiSlax es una distribución GNU/Linux diseñada y estructurada para la auditoría de seguridad, especializada en evaluaciones de seguridad inalámbrica. Contiene una amplia lista de herramientas de seguridad y auditoría donde se incluyen escáneres de puertos, de servicios y de vulnerabilidades, herramientas para creación y diseño de exploits, ‘sniffers’, herramientas de análisis forense y herramientas para la evaluación de la seguridad de dispositivos wíreless. En esta presentación oficial de la versión 4.0 se mostrarán una serie de importantes cambios estructurales que han permitido al grupo de desarrolladores continuar innovando en cuanto al soporte hardware tal y como han hecho en sus anteriores versiones anticipándose al resto de distribuciones. Estos cambios les han permitido mantenerse en la vanguardia en las tecnologías inalámbricas.

Sergio González - WiFiSlax 4.0 [RootedCON 2010]

RootedCON

Building IoT devices with ARM mbed - RISE Manchester

Jan Jongboom

ProSBC a Deep Dive

TelcoBridges Inc.

IPv6-Experte Joe Klein gab uns einen Überblick über den aktuellen Status der IPv6-Sicherheit, typische IPv6-Angriffspunkte, Auswirkungen von Technologien wie Cloud und Blockchain sowie Herausforderungen für effektive IoT-Sicherheitsmassnahmen (Internet of Things). Vor allem im Internet der Dinge, wenn es um Gesundheitsversorgung, selbstfahrende Autos, Flugzeugcockpits, Dämme, Kernkraftwerke und ähnliche kritische Infrastrukturen geht, ist es von entscheidender Bedeutung, dass Sicherheit gewährleistet werden kann.

IPv6 Security Talk mit Joe Klein

Digicomp Academy AG

Similar to Firewalls, SIP Servers and SBC - What's the Differences? (20)

F5 Infosec Israel 2013 Application Centric Security

VoIP Security 101 what you need to know

Why Do I Need an SBC

VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)

Expocomm VoIP Presentation

Offre revendeurs UC

SIPfoundry CoLab 2013 - Solving the Bring Your Own Device BYOD problem with o...

why-your-network-needs-an-sbc-guide.pdf

AudioCodes Session Border Controller Update

LinuxCon North America: SIPPing from the Open Source Well

IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014

Review of SIP based DoS attacks

Microsoft Unified Communications Summit

BOSNOG NAC stack 2018

OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar

IoTNEXT 2016 - SafeNation Track

Sergio González - WiFiSlax 4.0 [RootedCON 2010]

Building IoT devices with ARM mbed - RISE Manchester

ProSBC a Deep Dive

IPv6 Security Talk mit Joe Klein

More from TelcoBridges Inc.

Despite the wishes of the equipment makers and regulators, there still is a lot of TDM circuits and equipment in the global telecommunications network. How do we know? We talk to service providers every day that are working in mixed TDM and IP networks. What we have found is that Service providers are often challenged with navigating the complications of migrating their network to IP infrastructure, dealing with new regulatory mandates, replacing obsolete technologies, and finding the expertise to make the transition. To help our customers make the transition, TelcoBridges has invited ZT Technology Solutions to join us as our newest Alliance Partner, bringing a host of experience in planning service provider migrations from TDM to IP. During this event, we discuss our Network Transformation strategy, get to meet the team from ZT Technology Solutions and hear their FIVE best network transformation practices. Best of all, we have saved some time to answer your questions. A recording is available at: https://youtu.be/WQjpTPNS4qM

Network Transformation - Top 5 Best Practices

TelcoBridges Inc.

The Role of SBCs in Fraud Protection

TelcoBridges Inc.

Tmedia for Metaswitch - a FAQ Session

TelcoBridges Inc.

Illegal robocalls continue to be a significant problem for consumers and businesses of all sizes. STIR/SHAKEN is expected to reduce illegal spam calls, but those behind the illegal calls will persist, wasting time, clogging up phone lines, and in some cases, perpetrating phishing attacks. Join us as we discuss the current state of STIR/SHAKEN and explain why further Robocall Mitigation is required. Stay with us as Gerry Christensen, VP of Business Development and Strategic Partnerships at YouMail joins us to share an AI-powered robocall analytics platform that can be used by service providers and enterprises to block much of the unwanted traffic. Video recording of the session is available at: https://www2.telcobridges.com/videolibrary

Will STIR/SHAKEN Solve the Illegal Robocall Problem?

TelcoBridges Inc.

Marketing Open Source Software - 10 Tips

TelcoBridges Inc.

Contact Center as a Service - Challenges and Successes

TelcoBridges Inc.

In January of 2021, over 4 billion robocalls were placed, many were part of an international scam and designed to ensnare unwitting victims. Illegal robocalling continues to be the #1 consumer complaint to the FCC. To address this, the FCC has issued numerous orders, designed to stamp out illegal robocalling and protect US consumers from fraud and other various scams. One of these orders requires development of a robocall mitigation program at the originating service provider. In this session, we are joined by Mike Rudolph, the CTO of YouMail, to learn about their AI-powered robocall sensor network, and show how service providers and enterprises can use YouMail along with ProSBC to quickly implement a highly-effective robocall mitigation program. Links: Full video: https://youtu.be/9BpuYSY4mR4 YouMail consumer call screening product: www.youmail.com ProSBC Pricing and product information: www.prosbc.com Implementation notes on TBwiki: https://docs.telcobridges.com/tbwiki/ProSBC:Youmail

Robocall Mitigation with YouMail and ProSBC

TelcoBridges Inc.

Poor voice quality is one of the leading complaints for VoIP systems. Dropouts, echoes, static, and latency can ruin a conversation. Knowing how to measure voice quality and isolate the cause is an important part of delivering a quality experience to users and customers. In this presentation, we share some background on voice quality in VoIP systems, examine the various causes of poor voice quality, and consider the role that SBCs can play in monitoring and isolating voice quality issues. Questions covered in this session: > Why is voice quality important to the customer experience? > How is voice quality measured? > What causes poor voice quality? > How is voice quality measured on-the-fly? > What is the role of SBCs in measuring voice quality? > How do you isolate voice quality issues? > Your questions Who should attend: Network architects at service providers and enterprises, networking consultants, analysts and decision-makers involved in acquiring network technology

How to Measure VoIP Voice Quality

TelcoBridges Inc.

What is SS7? An Introduction to Signaling System 7

TelcoBridges Inc.

RESTful APIs and SBCs

TelcoBridges Inc.

Building VoIP-based systems with SIP can be daunting. The entire telecommunications industry is a layered stack of technologies, some from the age of telephones with hand-cranks. Others from the Internet age of packet switching and VPNs. Over the years, the experts at TelcoBridges have built a knowledge base about underlying telecommunications and VoIP technology, SIP signaling, networking products and design methods. In this event, we pull some of our favorite Frequently Asked Questions from our video library, our forum, Wiki, and your emails, sharing answers and insight that both beginners and advanced designers will find helpful. A recording of the live webinar is available at: https://www2.telcobridges.com/videolibrary

VoIP Frequently Asked Questions

TelcoBridges Inc.

Phishing attacks are almost a daily event – the result of someone trying to trick an unsuspecting victim into sharing their username and password for their bank account or other valuable resource. Other attacks try to impersonate the victim attempting to change passwords in hopes of gaining access to their email, financial or other on-line accounts. Simple username/password combinations used to be enough to keep the bad guys out…not anymore. Two factor authentication or (2FA) is a security tool that has become the norm to protect high-value targets, using SMS or voice calling to verify the user identity. As financial services and many other industries work to secure their systems, they need access to two factor authentication tools, including APIs, ability to send SMS and make voice calls to deliver temporary passcodes. During this event, we’re joined by experts from both Telestax and Network Intelligence who are going to show us how 2FA can offered as a service by service providers, creating new revenue opportunities. Be sure to stay with us for information on a live demonstration you can try on your own.

New Opportunities with Two Factor Authentication (2FA) - A How To

TelcoBridges Inc.

Unified Communications as a Service (or UCaaS), is a relatively new opportunity for service providers, making a complete business communications solution available from virtually anywhere and billed on a monthly basis, without the cost of on-premises equipment. The OPEX model makes UCaaS extremely popular with growing and distributed companies. One of the popular software providers enabling the UCaaS market is 3CX, an open-standards communications solution. Service providers are discovering that deploying 3CX as a service is an excellent opportunity to grow their business, bringing business-class UCaaS to a range of vertical markets and geographies. As we’ll show today, TelcoBridges’ ProSBC offers a valuable set of capabilities to make hosted 3CX implementations secure, avoids on-premises CPE, is easy to manage and the subscription-based business model makes scaling easy and affordable. In this recorded webinar, we are joined by Matt Ussery, CIO and founder of Austen Consultants, and take a closer look at how he built his successful hosted cloud service based on 3CX and ProSBC. You can view the recording at: https://youtu.be/YX8C0UBtEec

UCaaS with 3cx and ProSBC

TelcoBridges Inc.

Media gateways are a fundamental building block of voice communications networks, interconnecting legacy TDM voice networks and equipment with voice-over-IP networks. Found in service provider and enterprise networks, media gateways range in scale and capabilities, meeting a range of diverse applications. However, with the increasing adoption of SIP and VoIP networks, what role will media gateways play going forward? Will they become obsolete and join the VCR in the dustbin of technology? Or will they evolve to take on new roles in converged voice networks? Welcome to “The Future of Media Gateways”, our 23rd monthly webinar, covering technical, business and partner topics to help service providers and enterprises build better voice networks. During this session, we take a closer look at the market for media gateways, some recent innovations, and a number of new use cases. We’ll finish up with a summary of the media gateway portfolio from TelcoBridges and leave time for your questions.

The Future of Media Gateways

TelcoBridges Inc.

The phones won’t stop ringing…or they don’t ring at all. Contact center agents waste time answering bogus calls while customers complain they can’t get through. 9-1-1 agents waste time answering robo-callers instead of dealing with real emergencies. Telephony Denial of Service (TDOS) attacks clog up business telephone lines, causing disruption of business and wasting employee productivity. TDOS attacks can be the result of nefarious actors trying to extort money or a targeted grudge to settle, but also can be caused by rouge robocall campaigns, either way, TDOS attacks are becoming more common and difficult to prevent. Service providers are very often unprepared and unable to address TDOS attacks, leaving businesses vulnerable while they search for a solution. Welcome to “How to Protect Against TDOS Attacks”, our 22nd monthly webinar in the FreeSBC/ProSBC series, covering technical, business and partner topics to help service providers and enterprises better secure their voice networks. During this session, we describe methods that service providers and businesses can use to mitigate TDOS attacks, reducing or eliminating their impact. Toward the end of this session will also share three real end-customer case studies, showing how these businesses implemented their own TDOS solutions, deflecting hundreds of unwanted calls per day.

How to Protect Against TDOS Attacks

TelcoBridges Inc.

Microsoft's Azure is one of the top requested cloud platforms for communications solutions and a popular choice for hosting ProSBC and other cloud communications applications. During this session, we'll give a step-by-step tutorial and demonstration of the process to activate and configure ProSBC on Azure. At the conclusion of the tutorial, attendees will be prepared to provision ProSBC into their Azure communications solutions. Topics covered in this session: - Ordering process - Selecting a processor - Preparing the Azure account - Preparing and Loading the ProSBC on Azure Image - Activating the ProSBC Image - Configuring and operating ProSBC - Roadmap for ProSBC on Azure - Your Questions

ProSBC on Azure - A Tutorial

TelcoBridges Inc.

uCPE and VNFs Explained

TelcoBridges Inc.

How to Prevent Telecom Fraud in Real-Time

TelcoBridges Inc.

The programmable telephone network has always intrigued me. As a developer, having the ability to create custom applications within the service provider network seems to have endless possibilities. I can envision all sorts of applications that make businesses more productive and consumers better informed. I can also envision business opportunities for service providers, offering hosted development platforms that developers can use to create new customer-facing services. Communications Platform as a Service (CPaaS) is a means to offer an open API-based development environment to businesses of all sizes, allowing them to build custom business applications to improve their customer experience and better secure their data. Today we plan to explore opportunities for CPaaS, explain how service providers can integrate CPaaS into their existing networks and review a live customer case study of CPaaS in action.

Enabling business with CPaaS and SBCs

TelcoBridges Inc.

Slides from the June 4th, 2019 webinar, introducing ProSBC. In October 2017, TelcoBridges took the bold step to offer FreeSBC, a software-based session border controller product, to the market. Since then, over 10 million sessions of FreeSBC software have been downloaded by thousands of users around the globe. Many of those sessions are now in production or various stages of evaluation. During that time, we at TelcoBridges have been listening carefully to customer feedback and working diligently on a product development roadmap to implement those suggestions. The result is ProSBC, an enhanced session border controller offering that fits many more use cases in both service provider and enterprise applications. Today - We’re pleased to share with you an overview of ProSBC, explain its features, capabilities, target markets and use cases.

ProSBC Introduction

TelcoBridges Inc.

More from TelcoBridges Inc. (20)

Network Transformation - Top 5 Best Practices

The Role of SBCs in Fraud Protection

Tmedia for Metaswitch - a FAQ Session

Will STIR/SHAKEN Solve the Illegal Robocall Problem?

Marketing Open Source Software - 10 Tips

Contact Center as a Service - Challenges and Successes

Robocall Mitigation with YouMail and ProSBC

How to Measure VoIP Voice Quality

What is SS7? An Introduction to Signaling System 7

RESTful APIs and SBCs

VoIP Frequently Asked Questions

New Opportunities with Two Factor Authentication (2FA) - A How To

UCaaS with 3cx and ProSBC

The Future of Media Gateways

How to Protect Against TDOS Attacks

ProSBC on Azure - A Tutorial

uCPE and VNFs Explained

How to Prevent Telecom Fraud in Real-Time

Enabling business with CPaaS and SBCs

ProSBC Introduction

Recently uploaded

Design and Development of a Provenance Capture Platform for Data Science

Paolo Missier

Tales from a Passkey Provider Progress from Awareness to Implementation.pptx

FIDO Alliance

ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...

FIDO Alliance

Extensible Python: Robustness through Addition - PyCon 2024

Patrick Viafore

Because observability is such a broad topic – and often something we learn on the job – it can feel like there’s too much to learn at once. But you don’t have to tackle everything and can start with the basics and build from there! Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. No matter what tooling is in place, there are still observability fundamentals that developers should know. That’s why I’ve put together a primer on the different telemetry types, when to use them, how to understand the data journey, and what to look for in time series graphs.

Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)

Paige Cruz

Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...

ScyllaDB

Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

FIDO Alliance

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.

2024 May Patch Tuesday

Ivanti

Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...

ScyllaDB

Intro in Product Management - Коротко про професію продакт менеджера

Mark Opanasiuk

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

FIDO Alliance

Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf

FIDO Alliance

Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots

Leah Henrickson

The Metaverse: Are We There Yet?

Mark Billinghurst

WebAssembly is Key to Better LLM Performance

Samy Fodil

This our Twelfth semiannual report on the global Cryptocurrency mining industry. Bitcoin is the world’s largest special purpose supercomputer. And it is globally decentralized. Millions of nodes all run the same open-source code to secure the Bitcoin network, create value, and put new transactions onto the distributed ledger. The latest Top500 list has just been announced at the ISC 2024 conference in Hamburg, and once again the Frontier supercomputer with 1.2 Exaflops peak performance is number one on the list. If assigned to SHA-256 hashing, Frontier would provide only the equivalent hash rate of about three cabinets of the latest high-end Bitcoin mining systems, costing less than 0.1% of Frontier’s cost. Michael Saylor, Chairman of MicroStrategy, has pointed out that GPUs are two orders of magnitude slower than the 5-nanometer technology of custom ASICs used for Bitcoin mining today. He makes the point that the Bitcoin network is unassailable by all of the hyperscale computing resources combined in AWS, Google, and Microsoft Azure cloud data centers today.

TopCryptoSupers 12thReport OrionX May2024

Stephen Perrenod

Discover the top CodeIgniter development companies that can elevate your project to new heights. Our blog explores the best firms known for their expertise in CodeIgniter framework development. From robust web applications to scalable solutions, these companies deliver excellence. Whether you're a startup or an enterprise, find the perfect match for your development needs on Top CSS Gallery's blog.

Top 10 CodeIgniter Development Companies

TopCSSGallery

Portal Kombat : extension du réseau de propagande russe

中央社

Intro to Passkeys and the State of Passwordless.pptx

FIDO Alliance

Welcome to this session on UiPath Manufacturing and AI. In this session, we will discuss the importance UiPath plays with technology in the manufacturing and we will do an overview of AI and Document Understanding. Please join us to hear from UiPath and Community experts on why you might consider leveraging UiPath in manufacturing. Topics covered Community team overview The importance of UiPath technology for manufacturing UiPath AI and Document Understanding overview What is Document Understanding? DU Process Studio Template Components of DU Framework Q&A Speakers: Sebastian Seutter, Senior Industry Practice Director, UiPath, Inc. Priya Darshini, UiPath MVP RPA Solutions Architect Dzmitry Belanovski, Account Executive, UiPath, Inc.

UiPath manufacturing technology benefits and AI overview

DianaGray10

Recently uploaded (20)

Design and Development of a Provenance Capture Platform for Data Science

Tales from a Passkey Provider Progress from Awareness to Implementation.pptx

ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...

Extensible Python: Robustness through Addition - PyCon 2024

Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)

Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...

Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

2024 May Patch Tuesday

Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...

Intro in Product Management - Коротко про професію продакт менеджера

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf

Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots

The Metaverse: Are We There Yet?

WebAssembly is Key to Better LLM Performance

TopCryptoSupers 12thReport OrionX May2024

Top 10 CodeIgniter Development Companies

Portal Kombat : extension du réseau de propagande russe

Intro to Passkeys and the State of Passwordless.pptx

UiPath manufacturing technology benefits and AI overview

Firewalls, SIP Servers and SBC - What's the Differences?

1. SIP Security Firewalls, SIP Servers and SBCs Explained • December 2018 1

2. 2 What are the Risks? Extortion Intrusion Theft of Services

3. 3 The Risk is Real Hackers targeted the phone system at Bob Foreman’s architecture firm in Georgia, making $166,000 in calls in a weekend. Credit: Tami Chappell for The New York Times

4. 4 Today’s Presenters: Alan D Percy Senior Director of Product Marketing alan.percy@telcobridges.com Luc Morissette Director of Technical Support luc.morissette@telcobridges.com

5. 5 Agenda Firewalls, SIP Servers and SBCs • What are they? • Why do I need them? • What do they do? • What do they NOT do? • Where to learn more?

6. 6 The Right Tool … “Every tool is a weapon if you hold it right” - Ani DeFranco

7. 7 Just a little SIP SIP is the foundation of the new voice network…but: • Specification is “loose” with interoperability issues • Separates call control signaling from media • “Chatty Cathy” • Asynchronous • “Stateful” By Korolev Alexandr RFC 3261

8. 8 OSI Model Application SIP User Agent Presentation G.711, G.729… Session SIP Transport TCP, UDP, RTP Network IP, ICMP Data Link Ethernet, 802.11 Physical CAT5, 2.4GHz Network Switches Firewall / Router Session Border Controllers SIP Servers

9. 9 Function of a Firewall Internet LAN WAN 34.x.x.x 192.168.1.2 192.168.1.3 192.168.1.4 Trusted Network Untrusted Network

10. 10 Firewall Functions  Packet Filtering – Layer 2-4 Tracking and passing “good” traffic  Blocking “unsolicited” traffic  Pinhole Management  Packet Forwarding  NAT – Network Address Translation  DHCP – Assigning IP addresses to devices

11. Header Manipulation Routing Engine Media SIP Session s Public WAN 34.0.0. 1 SIP Server SIP Application s 34.0.0.X SIP Server Architecture

12. 12 SIP Server Functions SIP Proxy/Router SIP Header Manipulation SIP Routing / Load Balancing Script-based configuration  No B2BUA Exposes network topology  No Media Handling

13. What is a SBC? Local Area Network Network Border Wide Area Network SBC • Anywhere two SIP networks intersect • Software-based “Network Function” • Most often between a WAN and a LAN SIP SIP

14. Routing Engine Media Media Engine SIP Session s B2BUA UAS UAC Private LAN 192.168.0.X Public WAN 34.0.0.1 Session Border Controller SIP Applicatio ns Session Border Controller Architecture

15. 15 Firewall / SBC Deployment Models SBC Behind the Firewall LAN WAN 34.1.1.1 192.168.1.2 192.168.1.4 Trusted Network Untrusted Network SBC Internet Call Servers

16. 16 Firewall / SBC Deployment Models SBC Beside the Firewall LAN WAN 34.1.1.1 192.168.1.2 192.168.1.4 Trusted Network Untrusted Network SBC Internet Call Servers 34.1.1.2

17. 17 Use Case – Hosted IP-PBX/UC Tasks:  Security – DDOS & Topology Hiding  Registration/Subscription Forwarding  NAT Traversal IP-PBX / UC / Contact Center with Local & Remote Users Asterisk Work-at-home users SBC

18. 18 Comparison Summary Function Firewall SIP Server SBC Layer 2-4 Packet Filtering    Router / NAT / DHCP    Prevent DOS / DDOS Attacks    SIP Header Manipulation / Interoperability   SIP Routing   Toll Fraud Protection   Topology Hiding  Block Robocallers (STIR/SHAKEN)  QOS Measurement / Reporting  Media Transcoding / Transcryption  Prevent Media DDOS Attacks 

19. 19 Introducing… Learn more at: www.FreeSBC.com

20. 20 Congratulations! You now know enough to be dangerous! How do you continue your knowledge?

21. 21 Q&A Download your FreeSBC software: www.freesbc.com Frequently Asked Questions at: forums.freesbc.com Other educational webinars at: freesbc.com/video-library Q/A?

Firewalls, SIP Servers and SBC - What's the Differences?

Recommended

Recommended

More Related Content

Similar to Firewalls, SIP Servers and SBC - What's the Differences?

Similar to Firewalls, SIP Servers and SBC - What's the Differences? (20)

More from TelcoBridges Inc.

More from TelcoBridges Inc. (20)

Recently uploaded

Recently uploaded (20)

Firewalls, SIP Servers and SBC - What's the Differences?