Infrastructure // Unified Communications
04:00 PM
Connect Directly
Repost This

Session Border Controllers For UC: 3 Big Benefits

Using VPNs for unified communications access can be frustrating for users and IT. Session border controllers offer improvements in security, economy, and usability.

If you're like me, you're likely reading this on a mobile device -- which is quite appropriate, since it was written moving at 500 mph on a cross-country flight. Mobile devices have changed almost everything we do, and users are depending on their enterprise IT teams to enable their mobility and communications needs.

IT departments everywhere are being pressured to open voice over IP networks to mobile and teleworking clients, including softphones, employee-owned smartphones, and an increasing number of video-capable devices. Sales of laptop computers are declining as increasingly powerful mobile and tablet devices gain market share.

Providing users of mobile devices with rich unified communications (UC) functionality, enterprise-class security, and protected user privacy is no small task. The tools must be simple to use and easy to connect from any network. Until now, virtual private network (VPN) connectivity has been the most popular solution. But VPNs fall short in a couple of ways:

  • They provide broad, relatively uncontrolled access to a wide range of corporate network resources, placing those resources at risk.
  • For mobile users, manually configuring VPN connections is a hassle.

For example, enabling a mobile user with a UC platform like Avaya Flare for iPad requires the user to download Flare as well as a VPN client, such as Juniper's Junos Pulse. To use Flare, the user first launches Junos and connects to the VPN gateway with their corporate credentials. Their iPad gains full access to the entire corporate network. Then the user is able to launch Flare and use the Flare Experience for mobility and video -- if they can remember what they wanted to talk about.

If the iPad powers off or the VPN connection times out (as often happens), the user must log in to the VPN again before using Flare. This kind of experience can lead to two very unwelcome results. One, the user begins yelling at someone in the IT department, creating helpdesk tickets and driving up operational costs. Two, the user abandons the solution completely, turning the UC investment into a failure.

Using a session border controller (SBC) enables us to achieve several things that a VPN cannot, by implementing Session Initiation Protocol (SIP). We often deploy the Avaya Session Border Controller for Enterprise R6.2 to connect SIP-based UC clients without a VPN, while exposing only the resources needed for UC. The SBC also continues to inspect sessions and data for unexpected SIP request behavior, like abnormal phone call requests.

Why use an SBC? There are three main advantages:

Security: The SBC sets up a "mail slot" that securely connects UC devices only to your session manager and communication manager, rather than throwing open the front door and allowing mobile devices to connect to anything on your corporate network. This allows you to enable robust UC capabilities while preventing unauthorized access to enterprise databases and file systems.

Economy: Devices like the Avaya SBC provide sophisticated, application-layer security -- including a SIP firewall, intrusion detection and prevention system, access controller authentication, and UC proxy and policy enforcement functionality -- all in one box, on top of the basic SIP trunk-handling functionality. Fewer devices reduces administration and makes edge connectivity cheaper and easier on your IT staff.

Usability: Relieving users of the song and dance required to make VPN connections makes mobile enablement realistic for everyday, routine usage. Once the preconfigured SBC client resides on the mobile device, it can automatically find and connect to the enterprise network whenever it is available. Connections can be "always on" and secure.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
David F. Carr
David F. Carr,
User Rank: Author
11/19/2013 | 10:10:18 AM
Still exotic?
Is SBC still an exotic technology, unknown to most organizations? Or is it starting to become more commonplace?
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.