A session border controller acts as a router between a network and carrier service, enabling only authorized sessions to pass through the connection point or border. An SBC defines and monitors the quality of service (QoS) status for all sessions, ensuring that callers can actually communicate with each other and that emergency calls are delivered correctly and prioritized above all other calls. An SBC can also serve as a firewall for session traffic, applying its own QoS rules and identifying specific incoming threats to the communications environment.
Generally, communications providers secure their own environment to their own standards. But with so many network touchpoints and layers required to deliver an application, a continuously expanding number of attack surfaces means near endless vulnerabilities that fall out of this purview.
What happens when a carrier needs help evaluating the SBC deployed in their environment, especially when they have critical customer relationships dependent on the carrier’s QoS? How do they know their vulnerabilities and how do they address those gaps in their security strategy?
The solution involves penetration tests that conform with the recommendations in NIST 800-115 section 5, using a large set of known threat signatures. The process consists of multiple phases – planning, reconnaissance, scanning, exploitation, post-exploitation, and reporting.
Having a real-world view of this kind of challenge, where numerous vulnerabilities were discovered, is valuable to see a methodology of turning challenges into solutions. To learn more, read the case study.