02-22-2021 01:30 AM
We are wanting to connect our on prem CUCM to a cloud based SBC. Is there any reason that I can't create a secure sip trunk directly from CUCM to the cloud based SBC? I am assuming, that as long as it is encrypted, all security aspects are covered? I appreciate the Sip trunk would normally be terminated at the Cube, but I am curious as to any reason a direct approach cannot be taken?
Solved! Go to Solution.
02-22-2021 10:52 AM
Number one reason is that you would have to open up for all devices in your network to communicate directly with the cloud SBC as the RTP stream would go directly between the phone and the cloud SBC. The trunk from CM to the cloud SBC will only handle signaling. This would expose you’re entire network to the service provider. With a SBC (Cube) on your side this would not be the case as it acts as a demarcation point between your internal network and the service provider SBC. With a SBC both signaling and media streams flows through the device and as such hides the internal network from the service provider.
02-22-2021 10:52 AM
Number one reason is that you would have to open up for all devices in your network to communicate directly with the cloud SBC as the RTP stream would go directly between the phone and the cloud SBC. The trunk from CM to the cloud SBC will only handle signaling. This would expose you’re entire network to the service provider. With a SBC (Cube) on your side this would not be the case as it acts as a demarcation point between your internal network and the service provider SBC. With a SBC both signaling and media streams flows through the device and as such hides the internal network from the service provider.
02-23-2021 07:41 AM
yes, that makes perfect sense, thank you Roger for identifying a very good reason.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide