alex_aldo - Fotolia

What are SBC configuration best practices?

Proper SBC configuration requires partnering with providers and security teams to examine circuits and potential traffic. Learn the best practices for implementing an SBC on your network.

The first step in network design for session border controllers is to determine the SBC functionality and decide which features you need to include. Not all SBCs have the same functions. Issue a request for information to learn which capabilities, such as quality of service functions, accounting features and equipment interoperability, are available from your provider.

Once you have figured out your required capabilities, it's time to consider your budget. Your circuit provider may have a preferred SBC vendor, but that doesn't mean you are required to use it. Make sure whichever vendor you choose supports IPv6 to prevent early upgrades, which could result in hardware changes, unscheduled downtime and shortened system life.

Choosing the right provider

When choosing an SBC provider, be sure to consider maintenance patches, lifecycles, availability of support during business hours, maintenance costs, power usage, design assistance and customer referrals.

No matter which SBC provider you choose, security should be your primary concern. It won't matter how good the SBC configuration is if you're hit with an attack. See what support your vendor offers in the event of a breach. Additionally, determine what application protocols, such as Session Initiation Protocol, will traverse the system and set quality of service accordingly.

When sizing SBCs for traffic, look to your current system statistics. The number of packets passed will indicate the traffic to expect with your new system. If you are new to SBCs and not sure how to size them for traffic, your vendor and industry peers can provide budgetary packet insight.

You will likely be working within your demilitarized zone, so coordinate with your security team if devices, including SBCs, firewalls and routers, are not under your supervision. It's a good idea to vet the SBC configuration prior to installation with all relevant departments and vendors, including your telco carrier, to ensure your lines can handle anticipated traffic. Build in some bonus space for traffic peaks and growth.

Many carriers enable you to increase your circuit size and bandwidth, but not all enable you to decrease them. When you do increase circuit size after the initial contract, some carriers will restart the contract period. While this isn't necessarily a problem, it can limit your options near the end of the contract term. Don't buy bigger circuits than you need.

However, if you are on the cusp of needing a faster circuit or more advanced SBC, it's generally better to upgrade than to struggle with a circuit or SBC that isn't up to par.

Evaluating network health

In all cases, you must ensure your network is healthy. If you see dropped packets or a lot of retransmissions, check whether the cable plant can support your hardware in an error-free manner. Don't rely on the specs on the cable jacket as a guarantee of performance. Even if the cable plant tested out correctly during the initial installation, degradation can occur due to moves, adds and changes to the system.

If you still have errors after checking the cable plant, the next step is to troubleshoot the switch ports, network cards, router ports and other electronics. You want the least number of port-to-port handoffs possible while maintaining a secure transmission link. Each handoff will add some latency.

Be sure to update any SBC configuration documentation with any upgrades or changes to the design during the installation process.

Dig Deeper on Collaboration and communication security