Published October 24, 2017 10:48
What is toll fraud and should I be worried?
Toll fraud is the unauthorized use of a phone system to make long-distance calls with no intention of paying, or the theft of minutes from an enterprise VoIP network in order to resell them.
A report published by the Communications Fraud Control Association (CFCA) says that the estimated 2013 global fraud loss was 46.3 billion USD, roughly 2.09% of total telecom revenues.
In their report for 2015, there is an 18% decrease, but the amount is still astonishing – 38.1 billion USD. According to the same report, the top five methods for committing toll fraud are:
- PBX Hacking
- IP PBX Hacking (VoIP)
- Subscription Fraud (Application)
- Dealer Fraud
- Subscription Fraud (Identity)
Toll fraud happened even before VoIP, but it is now more sophisticated. You can check this Wikipedia page to see which types of phone fraud there are.
So yes, you should be worried.
But… I have a network firewall
That is excellent. But saying you’re safe because you have a network firewall is only partially true. Traditional firewalls protect the data network, but they are not fully aware of SIP signaling.
When you add SIP Trunking to your system, the calls cannot get through the firewall because firewalls are not designed to operate within VoIP. To get past this issue, you need to open a port in your firewall so voice traffic can go through. At that moment your entire network becomes vulnerable, because hackers can use that same port to enter the network. So your firewall alone is not enough.
In addition to a network firewall, you can (and should) use a Session Border Controller (SBC) to be sure your network is safe from attacks.
What is a Session Border Controller?
An SBC is a device that manages phone calls on your VoIP network. It allows only authorized calls to enter. It is installed between the service provider network and the enterprise network.
Security is its primary function, but not its only one. Other functions include interoperability, transcoding, call routing, etc.
Let’s focus on security.
When a call from the outside reaches the SBC, the SBC accepts it, inspects the SIP packets, cleans everything that needs to be cleaned and re-originates only SIP packets. Only this "cleaned" and replicated traffic is terminated inside your network.
The same process takes place in the opposite direction as well. All sensitive information is filtered out and cannot exit your network so potential hackers cannot use it to enter the enterprise network.
Within SIP packets, there are hidden tools that hackers can use to pass through the open ports and collect data about your network structure. An SBC cuts them off, making the SBC itself the only part of your network visible to a potential hacker, who ends up hitting a wall.
The SBC functionality that prevents hackers from retrieving information about your network design and content is called topology hiding.
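Topology hiding as described above, in a simplified added example (not code from this article or from any SBC product): an outbound INVITE is re-originated so that internal hops, software banners and private addresses are replaced by the SBC's own address, and a check confirms nothing private remains. All addresses, hostnames and the branch value are constructed; compact header forms and the state a real SBC keeps to route replies are left out.

```python
import ipaddress
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
DROP = {"via", "record-route", "user-agent", "server", "content-length"}

def private_addrs(text):
    """Return the RFC 1918 addresses visible anywhere in a SIP message."""
    found = set()
    for candidate in IPV4.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:
            continue  # digits that are not a valid IPv4 address
        if any(ip in net for net in RFC1918):
            found.add(candidate)
    return found

def hide_topology(message, sbc_ip):
    """Re-originate an outbound request so the SBC is the only visible hop."""
    head, _, body = message.partition("\r\n\r\n")
    lines = head.split("\r\n")
    # One fresh Via for the SBC replaces the chain of internal hops.
    out = [lines[0], f"Via: SIP/2.0/UDP {sbc_ip}:5060;branch=z9hG4bK-sbc-constructed"]
    for line in lines[1:]:
        name = line.split(":", 1)[0].strip().lower()
        if name not in DROP:  # drop hop list, software banner, stale length
            # Contact is rewritten so replies come back through the SBC.
            out.append(IPV4.sub(sbc_ip, line) if name == "contact" else line)
    # SDP origin (o=) and connection (c=) lines carry the media address.
    body = "\r\n".join(IPV4.sub(sbc_ip, l) if l[:2] in ("o=", "c=") else l
                       for l in body.split("\r\n"))
    out.append(f"Content-Length: {len(body.encode())}")
    return "\r\n".join(out) + "\r\n\r\n" + body

# Constructed sample: an INVITE as an internal PBX might emit it.
SAMPLE = "\r\n".join([
    "INVITE sip:15550100@provider.example SIP/2.0",
    "Via: SIP/2.0/UDP 10.1.20.5:5060;branch=z9hG4bK-pbx",
    "Via: SIP/2.0/UDP 192.168.7.31:5060;branch=z9hG4bK-phone",
    "From: <sip:alice@corp.example>;tag=1", "To: <sip:15550100@provider.example>",
    "Call-ID: constructed-1@corp.example", "CSeq: 1 INVITE", "User-Agent: ExamplePBX 1.0",
    "Contact: <sip:alice@192.168.7.31:5060>", "Content-Type: application/sdp",
    "Content-Length: 98", "", "v=0", "o=alice 1 1 IN IP4 192.168.7.31", "s=-",
    "c=IN IP4 192.168.7.31", "t=0 0", "m=audio 40000 RTP/AVP 0", ""])

if __name__ == "__main__":
    cleaned = hide_topology(SAMPLE, "203.0.113.10")
    print(sorted(private_addrs(SAMPLE)), "->", sorted(private_addrs(cleaned)))
```

Running `private_addrs` over captured trunk-side traffic is a quick way to verify that an SBC's topology hiding is actually switched on.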
An SBC protects not only your voice data, but also your video streams which – in today’s environment where companies use UC systems more and more – is important.
Apart from toll fraud, an SBC protects your network from DDoS/DoS attacks, and secures media with SRTP and calls with TLS/SRTP.
Another important function of an SBC is interoperability. VoIP solutions use different SIP variations. To put it simply, imagine that VoIP systems are people from different countries and SIP variations are their languages. In order to understand each other, these systems need a "translator". That is the role of an SBC: to translate the communication between different SIP variations.
Which SBC do I need?
If you are concerned about the security of your enterprise network we can offer you the protection you need. There are three types of SBCs in our offer, depending on your company’s size and needs.
All of them are interoperable with major IP PBXs and UC systems. A browser-based GUI enables quick and easy installation. Possible use cases include SIP Trunking, core session router and load balancer, remote worker, and hosted PBX.
For small to medium businesses there is Vega SBC for SMB which supports 5-20 simultaneous calls.
For medium to large businesses there is Vega Enterprise SBC which supports 25-250 simultaneous calls.
For large businesses and carriers there is NetBorder Carrier SBC which supports 250-4000 simultaneous calls.
If you need more information or clarification, drop us a line.
Sources: CFCA.org, VoipSupply.com, TechTarget.com