As bandwidth increases and the price of remote hosting drops, more and more businesses in every industry are making the move to outsource their unified communications to a third-party host. Unified communications as a service (UCaaS) makes it possible for companies to save money on infrastructure, hardware, maintenance and IT, all while receiving the benefits of a top-shelf UC system via the Internet from a company that specializes only in that. Why, then, would any enterprise not take advantage?


The answer has always been security.


When you move your UC VoIP network off site, you also move the control your business would have had in protecting and defending the sensitive data contained within. But as UCaaS is beginning to proliferate throughout every industry, so too are session border controllers (SBC).


As is the case with so many other breakthroughs, one innovation has lead to another, and it appears that UCaaS and SBC are symbiotic partners in what may be the next telecom revolution.




Unified communications as a service (UCaaS) is essentially unified communications (UC) that is hosted by one company and provided to another over the Internet. UC is a loosely-defined concept in which many communications mediums (data, voice, messaging, video, chat, etc.) are brought together in a single platform. Since its inception in the 1980s — when a pioneering company integrated an email reader into its voice-messaging service — UC has been a goal of every business that values simplicity and effectiveness in communication.


But building a legitimated UC network is expensive and complicated. It requires significant money up front, regular maintenance and upgrades, and a heavy investment in hardware and infrastructure.


UCaaS, however, removes those hurdles by allowing businesses to pay for access to the network of a UC specialist company. UCaaS can  be either a single-tenancy or multi-tenancy subscription. Single tenants receive a custom UC package just for them. Multi-tenant subscriptions work like an apartment building — each tenant gets their own secure, private apartment, which exactly the same as all the other units in the building.


SIP Security


A Session Border Controller (SBC) is a mechanism designed to protect VoIP networks. SBC can be either a dedicated hardware or software device, and its function is to regulate not only the way phone calls — or sessions — start and finish, but what happens while the session is taking place.


Like a firewall protects a data network, SBC serves as a gateway between a business and its carrier service, allowing only authorized sessions to pass. SBC also monitors quality of service, so that all parties can actually communicate, and emergency calls are prioritized. It also monitors session traffic to identify incoming threats.


SBCs are usually installed on both the carrier’s end and the business’s end.


UCaaS Security Pitfalls in a World Without SBCs


For most applications, cloud communications should be fairly simple. The business gets a few IP endpoints, connects to the cloud and hooks up with their host. When it comes to a VoIP network, however, things are a little more tricky than they seem.


Unlike with the similar, yet far less complicated process of SIP trunking, all traffic does not come from or go through a single point. In the case of VoIP-based UCaaS, signaling and RTP media come from each end point. Gumming things up even further, the P2P makes the far end point of the IP flow an end user. These access points can be VoIP-to-PSTN (Public Switched Telephone Network) or — more likely — IP endpoints with direct P2P RTP media flow (as is the case with Lync). When these systems are shared with other Internet-based systems (Skype, for example), security threats make UCaaS a complicated, risky affair.


In English, the main benefit of UCaaS — the ability to share UC with peers outside of a given network — open gaping holes in the security of that network.


SBCs close those holes.


SBCs solve the problems with UCaaS


SBCs control everything coming into and going out of a VoIP network, from video to phone calls to data. They also handle the signaling, intermediation and translation required to make a UCaaS network run smoothly. It maintains control over a network by allowing or forbidding sessions to travel between two end devices (such as a VoIP call traveling between two telephones).


SBCs also work to prevent denial-of-service (DoS) attacks, like the one that liquidated a New Jersey-based code hosting firm after a failed extortion attempt.


SIP Security


It appears that UCaaS may owe its dominance to the rise of SBCs, but without UCaaS, the concept of an SBC may never have risen in the first place. From parachutes and airplanes to ice rinks and Zambonis to coal mining and the steam engine, history is replete with innovation breeding problems, and those problems being solved with further innovation. UCaaS and SBCs are no different. One can’t function without the other — but when working in conjunction, they form a cohesive whole — one that may just change an entire industry.