As advancements in technology make remote working as seamless as ever, and burgeoning startups look to minimize their overhead, businesses in every industry are making the move to outsource their unified communications to a third-party host. Unified communications as a service (UCaaS) makes it possible for companies to save money on infrastructure, hardware, maintenance, and IT, all while receiving the benefits of a top-shelf UC system via the Internet from a company that specializes only in that. Why, then, would any enterprise not take advantage?


For many, the answer is security.


When you move your UC VoIP network off-site, you also move the control your business would have had in protecting and defending the sensitive data contained within. However, with the advancement of UCaaS throughout industries, there also came the advancement of session border controllers (SBC).


As is the case with so many other breakthroughs, one innovation leads to another, and UCaaS and SBC have become symbiotic partners in the telecommunication industry.




Unified communications as a service (UCaaS) is essentially unified communications (UC) that is hosted by one company and provided to another over the Internet. UC is a loosely defined concept in which many communications mediums (data, voice, messaging, video, chat, etc.) are brought together in a single platform. Since its inception in the 1980s — when a pioneering company integrated an email reader into its voice-messaging service — UC has been a goal of every business that values simplicity and effectiveness in communication.


But building a legitimate UC network is expensive and complicated. It requires significant money up front, regular maintenance and upgrades, and heavy investment in hardware and infrastructure.


UCaaS, however, removes those hurdles by allowing businesses to pay for access to the network of a UC specialist company. UCaaS can be either a single-tenancy or multi-tenancy subscription. Single tenants receive a custom UC package just for them. Multi-tenant subscriptions work as an apartment building — each tenant gets their own secure, private apartment, which exactly the same as all the other units in the building.


SIP Security


A Session Border Controller (SBC) is a mechanism designed to protect VoIP networks. SBC can be either a dedicated hardware or software device, and its function is to regulate not only the way phone calls — or sessions — start and finish, but what happens while the session is taking place.


Like a firewall protects a data network, SBC serves as a gateway between a business and its carrier service, allowing only authorized sessions to pass. SBC also monitors the quality of service, so that all parties can actually communicate, and emergency calls are prioritized. It also monitors session traffic to identify incoming threats.


SBCs are usually installed on both the carrier’s end and the business’s end.


UCaaS Security Pitfalls in a World Without SBCs


For most applications, cloud communications should be fairly simple. The business gets a few IP endpoints, connects to the cloud, and hooks up with its host. When it comes to a VoIP network, however, things are a little more tricky than they seem.


Unlike with the similar, yet far less complicated process of SIP trunking, all traffic does not come from or go through a single point. In the case of VoIP-based UCaaS, signaling and RTP media come from each end point. Gumming things up even further, the P2P makes the far end point of the IP flow an end user. These access points can be VoIP-to-PSTN (Public Switched Telephone Network) or — more likely — IP endpoints with direct P2P RTP media flow (as is the case with Lync). When these systems are shared with other Internet-based systems (Skype, for example), security threats make UCaaS a complicated, risky affair.


In English, the main benefit of UCaaS — the ability to share UC with peers outside of a given network — open gaping holes in the security of that network.


SBCs close those holes.


SBCs solve the problems with UCaaS


SBCs control everything coming into and going out of a VoIP network, from video to phone calls to data. They also handle the signaling, intermediation and translation required to make a UCaaS network run smoothly. It maintains control over a network by allowing or forbidding sessions to travel between two end devices (such as a VoIP call traveling between two telephones).


SBCs also work to prevent denial-of-service (DoS) attacks, like the one that liquidated a New Jersey-based code hosting firm after a failed extortion attempt.


SIP Security


It appears that UCaaS may owe its dominance to the rise of SBCs, but without UCaaS, the concept of an SBC may never have arisen in the first place. From parachutes and airplanes to ice rinks and Zambonis to coal mining and the steam engine, history is replete with innovation breeding problems, and those problems are being solved with further innovation. UCaaS and SBCs are no different. One can’t function without the other — but when working in conjunction, they form a cohesive whole.