ABC SBC for Government
The ABC SBC
The ABC SBC provides the core VoIP security technology of the Secunet (SBC) which was developed in cooperation with the Secunet GmbH.
The Secunet (SBC) is the only session border control solution that has received an EAL4+ certification from the German BSI and is hence the ideal solution for any customer looking to fulfill German governmental security compliance (VS-NFD) for their voice and video deployment.
Network Separation
The VS-NfD guidelines recommend dedicated networks for voice, video and data services. This ensures that a security breach in one network will not spill over to other services and networks. The Secunet (SBC) provides a combined firewall and SBC functionality that is designed to secure the transition between separate services and networks and hence enable soft- or desk phones to join a video conference for example.
Connection to High Security Networks
In order to enable voice and video communication between a local network and high security network such as NdB (Netzwerk des Bundes), a certified solution providing firewall and SBC functionality is required. The Secunet (SBC) as an EAL4+ certified solution is already deployed by multiple governmental institutions as the connection node towards the NdB as well as secured WAN connection.
Trusted WebRTC
Signaling protocols used in WebRTC are often proprietary and hence untrusted. The FRAFOS WebRTC solution extends trusted voice or video solutions with WebRTC in a transparent and secure manner. Using the FRAFOS WebRTC solution users can join a video session held on a trusted SIP-based video from conferencing system from their browsers.
Secure Connection to the Public Internet
Highly trusted solutions are a must when connecting an internal voice or video service of high security requirements with the public Internet or a public VoIP service. The VS-NfD guidelines require a so called PAP architecture consisting of a Packet filter facing the public Internet, a SIP-aware Application Level Gateway and a Packet filter facing the local network. All components need an EAL4+ certification and the two packet filters are to be provided by different vendors. The Secunet (SBC) provides the A and one of the P of such an architecture.
Central Management
Different Secunet (SBC and WebRTC gateway instances) might be needed to cover different security needs and scenarios. A single Secunet (SBC management and monitoring) can still be used to manage all instance. Beside managing the configuration and software from a central location, the Secunet (SBC management solution provides an overview of the availability and performance of the different instances as well as call statistics and detailed insight of any anomalous behavior).