SIP trunking ensures the privacy of all calls traversing the enterprise network, while maintaining a well-defined demarcation point between the core and access network. In addition, with the SIP Trunking feature in Avaya SBC, an enterprise can maintain granular control through well-defined domain policies. These domain policies secure SIP implementations or servers of customers from known SIP and Media vulnerabilities.

Because the Avaya SBC security device is deployed in the enterprise DMZ as a trusted host, all SIP signaling traffic destined for the enterprise is received by the external firewall and sent to the SBC device for processing. See Figure : 1. If the signaling traffic is encrypted, the Avaya SBC device decrypts all TLS encrypted traffic and looks for anomalous behavior. Then, Avaya SBC forwards the packets through the internal firewall to the appropriate IP PBX in the enterprise core to establish the requested call session.