Microsoft Teams Direct Routing is being adopted as the most popular way to enable business telephony in Microsoft Teams. Most Direct Routing connections are based on Session Border Controllers (SBCs). Recent reports on SBC vulnerabilities show that SBCs are the weak link in the chain and that continuous expert effort is needed to keep the risks under control. A company needs a secure VoIP solution to thwart the growing number of VoIP attacks emerging each day. Let’s look at how Microsoft deals with SBC security in its Microsoft Teams Direct Routing solution.
THE “FRIENDLY” ATTACKS DURING CONFIGURATION
An IT communications expert who was hired to deploy Microsoft Teams Direct Routing narrates his experience:
“While I was deploying Microsoft Teams Direct Routing with SIP trunks and a Session Border Controller (SBC), I happened to sense various SBC security vulnerabilities soon after I turned up the public interface. Long before the Teams configuration was complete there appeared a number of OPTIONS requests and huge SIP traffic from unknown sources. This traffic was supported by IP addresses trying to connect to my systems from around the world via malicious SIP scripting and scanning utilities. It was an alarming situation for me. Headers like “SIP Vicious”, “friendly-scanner”, and “PPLSIP”.”
This scenario is not unique. All over the internet, attackers are searching for vulnerabilities. While SBCs are scanned in attempts to hijack calling capabilities, admins can use the deployment of Microsoft Teams Direct Routing as an opportunity to configure and test the security rules that Direct Routing provides.
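The scanning traffic described above can be picked out of SBC signaling logs by its User-Agent header and by its source address. The following is an added example, not code from the original post or from Microsoft: the function names, the trusted range, the threshold and the sample requests are assumptions constructed for illustration.

```python
import ipaddress
import re

SCANNER_MARKERS = ("sipvicious", "friendlyscanner", "pplsip")  # names quoted on this page, normalised
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed signaling peers (constructed range)

def parse_sip_request(raw):
    """Return (method, headers) from a raw SIP request; header names are lowercased."""
    lines = raw.replace("\r\n", "\n").split("\n\n", 1)[0].split("\n")
    m = re.match(r"([A-Z]+) \S+ SIP/2\.0$", lines[0].strip())
    if not m:
        raise ValueError("not a SIP request line")
    pairs = (ln.partition(":") for ln in lines[1:] if ":" in ln)
    headers = {name.strip().lower(): value.strip() for name, _, value in pairs}
    return m.group(1), headers

def classify(src_ip, raw, trusted=TRUSTED_NETS):
    """Return the reasons a request looks like scanning (empty list = nothing flagged)."""
    try:
        method, headers = parse_sip_request(raw)
    except ValueError:
        return ["malformed"]
    reasons = []
    # Strip spaces, hyphens and underscores so "SIP Vicious" and "friendly-scanner" both match.
    ua = re.sub(r"[\s_-]", "", headers.get("user-agent", "")).lower()
    if any(marker in ua for marker in SCANNER_MARKERS):
        reasons.append("scanner-user-agent")
    if not any(ipaddress.ip_address(src_ip) in net for net in trusted):
        reasons.append("untrusted-source:" + method)
    return reasons

def sources_to_block(events, threshold=2):
    """Sources that sent a scanner User-Agent, or at least `threshold` flagged requests."""
    hits, block = {}, set()
    for src, raw in events:
        reasons = classify(src, raw)
        hits[src] = hits.get(src, 0) + bool(reasons)
        if "scanner-user-agent" in reasons or hits[src] >= threshold:
            block.add(src)
    return sorted(block)

def sample_request(method, ua):  # builds a constructed SIP request for the sample below
    return f"{method} sip:sbc.example.test SIP/2.0\r\nUser-Agent: {ua}\r\nContent-Length: 0\r\n\r\n"

SAMPLE = [  # constructed events: (source IP, raw request)
    ("198.51.100.7", sample_request("OPTIONS", "friendly-scanner")),
    ("203.0.113.9", sample_request("OPTIONS", "ExamplePhone/1.0")),
    ("203.0.113.9", sample_request("REGISTER", "ExamplePhone/1.0")),
    ("192.0.2.10", sample_request("OPTIONS", "ExampleTrunk/2.0")),
]
```

A User-Agent string is trivially changed by the sender, so the source-address check is the control that matters; the header match only labels the noise.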
The best way to use Direct Routing is to not use an SBC at all. By eliminating the man-in-the-middle, you automatically eliminate the man-in-the-middle threats.
MachCloud eliminates the SBC and public cloud in the Direct Routing set-up and is the only technology with a direct connection to Microsoft Teams’ end-to-end encryption. Moreover, the platform provides multi-factor authentication to Microsoft’s domain, avoiding third-party access to Admin credentials. Thus any security risk related to SBC usage is eliminated.