Securing Unified Communications
Session Initiation Protocol (SIP) technology truly changes the way we think about communications. With SIP, unified communications (UC) becomes just another application running on the network. Without appropriate security measures in place, however, SIP can open the network to new threats and vulnerabilities, exposing business, technology, privacy and compliance to new attack vectors.
Unfortunately, bad actors are constantly looking for new ways to infiltrate corporate networks, becoming progressively more brazen in the process. Even if your business has not experienced a SIP/UC security breach, it does not mean that your network has not been compromised; bad actors may have already penetrated your network and could be waiting for ‘the right time” to initiate their C2 (Command and Control) to exfiltrate data or to shut down communications access for your customers.
As organisations move to SIP for their UC systems, the opportunity for hackers to access and steal services increases unless a session border controller (SBC) is deployed. Ribbon provides SBCs and UC security technology. With Ribbon SBCs, enterprises can focus on their core competencies while service providers can provide extraordinary communications features to their customers. Ribbon can make sure both can do this, without fear of theft on their networks.
Ribbon SBCs serve a critical role in securing UC
- Complete security for signaling and media, including traffic policing, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack detection and blocking and rogue Real-Time Transport Protocol (RTP) protection.
- Ensure privacy on the media (SRTP) and signaling (IPSec/TLS) path without sacrificing scalability or performance.
- By invoking back-to-back user agent (B2BUA) functionality, the SBC can hide the enterprise’s underlying network from bad actors attempting to infiltrate and steal mission critical data over the UC infrastructure.
- In the event of an equipment failure, physical attack or persistent DoS/DDoS attack, strong redundancy strategy will maintain service. Additionally, a disaster recovery plan with redundant sites should also be considered to maintain continuous service availability.