As more businesses migrate to cloud-based communications, whether Skype for Business Cloud PBX or a UCaaS platform, protecting the communications network becomes an immediate concern. Every business understands the importance of keeping their lines of communications open, avoiding downtime and keeping themselves safe from attack, so it’s no wonder that security is a top priority. According to a report released by Akamai earlier this year, DDoS and web application attacks are up 23% and 26% year over year. And once a hacker has you targeted, they don’t let up. The rate of repeat DDoS attacks has skyrocketed and target organizations get hit an average of 29 times, with one company targeted 283 times.
As we’ve covered in the past, Session Border Controllers are the answer for businesses looking to secure their communications network, in much the same way that firewalls are for data networks.
But for companies, especially small and medium businesses, focusing on security and deploying an SBC isn’t always top of mind. Although Microsoft ‘strongly recommends’ deploying an SBC with any Skype for Business deployment, it’s estimated fewer than half of the companies do so. To learn more about how businesses - and the service providers they rely on - are addressing this issue in an increasingly cloud-based world, I recently spoke with Rich DeFabritus, the Senior Product Marketing Manager at Sonus, a leading maker of Session Border Controllers. “There is no question that as SMBs transition their communications to the cloud, they should be increasingly aware of the need for an SBC,” says DeFabritus. “As with most technology, they are looking for ways to make it simple to deploy and ideally prefer to minimize the outlay of CAPEX.”
SMBs Looking Towards Communications Service Providers for Cloud Based Security
In the past, we’ve discussed the various options that businesses have when it comes to SBCs, virtualization and the cloud. This includes the concept of SBC-as-a-Service. As we explained:
In this instance, the service provider handles all aspects of delivering SBC capabilities as a service from their own cloud. Customers eliminate all hardware requirements and rely on the Communications Service Provider (CSP) for setup and management, software upgrades and network configuration and security for their SBC instance. “In this scenario, service providers have their own orchestration software which allows them to adapt to identified traffic spikes,” says [Walter] Kenrich [Director of Marketing at Sonus]. “They can utilize load balancing across instances to elastically react and can even take advantage of analytics to do so dynamically and proactively.” Just like every other area of computing, expect to see more businesses providing as-a-service offerings for SBCs.
As DeFabritus pointed out, the concept of SBCaaS is very appealing to SMBs because they may not have the internal resources or expertise to deploy and manage their own SBC, even if it is virtualized. “Our service provider partners have expressed a growing desire among their SMB clients to outsource the management of their entire communications stack, including the security layer. From their perspective, the optimal solution must be ‘right-sized’, meaning the virtual SBC requires a much smaller footprint than has traditionally been available.”
Delivering SBCaaS With the Right Footprint
According to DeFabritus, the level of interest among smaller businesses for communications security as a service has been a real eye opener for service providers. “Larger service providers like AT&T and Verizon have relationships with tens of thousands of SMBs and they have customers asking them for solutions on everything from Unified Communications to security. They want to offer their customers SBCaaS, but only at the level their customers need and a price they can afford.”
This has been a challenge, as the initial software edition SBCs were designed for larger businesses that were early adopters and were comfortable with virtualizing or even outsourcing network functions. These virtual SBCs can be resource intensive and tend to have a larger footprint, both from a software and hardware perspective, as they need to process the interworking, transcoding and security components of an SBC for a larger enterprise, but do so on COTS (common-off-the-shelf) hardware without specialized hardware and chip sets.
This is overkill for most businesses, says DeFabritus. “We have been getting a tremendous amount of interest in our SBC SWe Lite, which is a fully featured SBC that uses the same code base as our SBC 1000 and 2000, but consumes about half the resources of the nearest competitor.” The reason this is important to service providers is because the solution can be quickly deployed on a standardized server that hosts other virtual applications they manage on behalf of their clients. It is easy to set up, move, manage and scale as customers need, which comes in handy when a customer needs to quickly ramp up their call center for the holidays, for example.
“SBCaaS is gaining traction because enterprises are beginning to realize the importance of securing their mission-critical communications network, and many of them have been putting it off. Now they have an option that their service providers can offer them on a per user, per month basis that addresses their needs.”
Sounds like a Goldilocks solution...not too big, not too small, just right.