[VOIPSEC] SBC and Firewalls
Rob Welbourn
robert at welbourn.com
Mon Apr 26 20:50:45 CDT 2010
Mo,
So what aspects of control do you think a conventional firewall will give
you that an SBC does not?
The *only* reason that SBCs are used in conjunction with firewalls is
because corporate IT security people have strict rules about using approved
firewalls, and don't understand what SBCs do. The path of least resistance
to getting an SBC in place is to acquiesce to this dictate.
If you *must* implement a firewall in front of or behind an SBC, or have the
SBC between an inner and outer firewall, then make sure you turn off any SIP
awareness in the firewall, as it will most likely degrade performance and
introduce problems for the SBC.
Rob
Disclaimer: I work for an SBC vendor, and have had to deal with this issue
on multiple occasions.
-----Original Message-----
From: voipsec-bounces at voipsa.org [mailto:voipsec-bounces at voipsa.org] On
Behalf Of Mo Khan
Sent: Saturday, April 24, 2010 12:54 PM
To: voipsec at voipsa.org
Subject: [VOIPSEC] SBC and Firewalls
Hello. I was wondering if there are folks who have implemented the use of
SBC and Firewall together to protect their voip environments. I was looking
to see if it makes sense to use SBC along with an enterprise level Firewall
to secure SIP Trunks over MPLS. I know most SBCs come with a built in
application layer firewall feature which is voice friendly but to gain
control of the environment we want to introduce Firewall to the mix. The
SIP Trunks are setup from corporate HQ over to multiple outsourced partner
contact centers. To create a defense in-depth strategy, a SBC, FW and an IDS
will be used. Any suggestions comments experiences on this type of setup
would be help full.
Regards.
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list