With reports in the news of high-profile hack attacks against major corporations like Sony, many businesses are wisely looking at their own defenses and asking “Are we vulnerable?” By and large, the answer is probably “Yes.”
The state-of-the-art hacking and intrusion techniques currently in use are generally effective well beyond the usual security measures installed by businesses. Firewalls are typically only installed near the access level, well inside the network, leaving the network border just as open as an unprotected physical border between nations.
Like national borders, proactive measures at the network border are far more effective than tracking intrusions after they’ve occurred. This is a key reason Enterprise Session Border Control (SBC or eSBC) is quickly becoming a necessity. The combination of smart, proactive Intrusion Prevention Systems and firewalls along a network border delivers more robust internal security.
Five Reasons eSBC Is A Necessity For Modern Business Security
#1. Distributed Denial-of-Service Prevention
Distributed Denial-of-Service (DDoS) attacks are among the biggest fears in modern corporate security. The attacks are easy for hackers to launch, and currently there are no security systems which can entirely defeat a large DDoS attack.
That said, large-scale attacks (involving millions of bots) are generally reserved for high-profile targets. For most smaller businesses, eSBC will provide adequate warning and protection against smaller attacks.
#2. Voice over Internet Protocol (VoIP) Traffic Control
Internet traffic management, a standard addition to eSBC packages, provides software or hardware control over the number of VoIP connections allowed in and out of a business’ network. These systems monitor traveling data packets for any sign of malicious activity. Newer DDoS variations target VoIP systems rather than primary servers. eSBC can prevent these types of intrusions as well.
#3. Hidden Topography
Many forms of packet requests used by hackers, such as VoIP transmissions, will send back information about the topography of the network. Similar to bank robbers “casing” a bank before a crime, it is common for hackers to use such techniques to probe a network and map out its structure in preparation for more specific targeted attacks.
eSBC systems can combat network probing by preventing network information from being sent back to attackers. When hackers can’t see the internal network topography, they are likely to pick a more vulnerable target instead of pursuing a full attack.
#4. Toll Fraud Protection
Toll fraud is niche of system cracking that is dedicated entirely to getting access to a company’s on-site VoIP system and relaying calls through so they are more expensive. The costly charges are passed on to the business. eSBC technology can prevent this by automatically blocking all secondary dial tone sources.
#5. Session Initiation Protocol (SIP) Encryption Services
SIP, a technology used to negotiate VoIP sessions is also a vulnerable part of a business network. Most SIP packets are in plain text, making them easy to intercept, exploit, or mimic. eSBCs use Secure Realtime Protocol with encrypted handshakes to remove this weak point in system defenses.
The Year Of Computer Security
A power imbalance in computer security, tilted heavily in favor of hackers, currently exists. The year 2015 is likely to be one that separates companies that are serious about security from those who are not. It is very likely that a network-reliant company without Enterprise Border Security will be among those companies that are open to attack.