One way to make the PBX available to users from any location is to run it on a public IP address. A session border controller (SBC) is a necessary component for operating a telephony service in the cloud. Vodia has had its own SBC from the beginning , and it's grown into a core component of our PBX.
From version 1.0 on, the Vodia PBX has included an SBC designed for running on a public IP address, similar to email and web servers that serve multiple tenants simultaneously. Our SBC dramatically reduces costs for cloud instances, number of IPv4 addresses and server maintenance such as software updates.
Our SBC handles all necessary encryption algorithms for secure communication. The Vodia PBX terminates WebRTC traffic natively, making it possible to call internally from WebRTC-based clients such as web browsers or Android apps to standard VoIP phones. It comes with built-in support for Let’s Encrypt® service, which makes it quick and easy to obtain the necessary certificates.
Transport Layer Security, and its older iteration, Secure Sockets Layer, are cryptographic protocols designed to provide communications security over a computer network. Vodia uses TLS wherever possible to secure communication with the PBX.
The Secure Real-Time Transport Protocol is a profile for Real-Time Transport Protocol intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multicast applications. If necessary, the PBX translates between devices that are unable to encrypt and devices able to encrypt to maximize the security of the call.
Datagram Transport Layer Security (DTLS) is a protocol used to secure datagram-based communications. It's based on the stream-focused Transport Layer Securitysimilar level of security
Network address translation traversal is a computer networking technique for establishing and maintaining Internet protocol connections across gateways that implement network address translation.
When operated on a public IP address, the PBX automatically detects a device is located behind a firewall and adjusts the routing to that destination. This is important for users who work from home and for users using the iOS or Android app. There is no need to use a STUN server, which dramatically reduces the installation complexity.
Sometimes the PBX cannot be run on a public IP address - for example, when the PBX is run in the LAN or on Amazon EC2. In this case, the PBX needs to present the routable address when devices are connecting from outside addresses; at the same time, traffic in the LAN or through VPN will use the private addresses.IPv4
When operating on public addresses, it is only a question of time as to when a scanner will attempt to use the PBX for to make phone calls. The PBX keeps track of these attempts and automatically blocks these devices and services.
The Vodia load balancer can distribute incoming traffic for SIP, HTTP and other protocols to the right server instance in a cluster; when using multiple instances, this improves the resilience against DoS attacks. Multiple SIP trunks can be combined into a single trunk, making it possible to use a single SIP trunk for all PSTN termination needs. Used as a global load balancer, this makes it possible to access PBX instances behind a firewall for maintenance purposes, without having to set up rules in the firewall. This is useful when operating devices such as the Vodia IOP on customer premises.
The Vodia PBX was one of the first to support dual stack IPv4 and IPv6 operation. It's possible to establish calls between IPv4 and IPv6 clients - this makes the migration to IPv6 easier, and it makes the Vodia PBX a safe investment.
It is one of the core protocols of standards-based working methods for the Internet and other packet-switched networks. It still routes most Internet traffic today, despite the ongoing deployment of a successor protocol, IPv6. IPv4 uses a 32-bit address space ,which provides 4,294,967,296 (232) unique addresses, but large blocks are reserved for special networking methods.
IPv6 provides other technical benefits, as well as a larger addressing space: it permits hierarchical address allocation methods that facilitate route aggregation across the Internet, thus limiting the expansion of routing tables. IPv6 uses a 128-bit address, theoretically allowing 2128 (approximately 3.4×1038 addresses).IPv4