The Network Engineer Just Got a Second Set of Eyes

We built a live AI-powered Oracle SBC analyzer during a client engagement. Here's what it does, why it matters, and where this kind of tooling is going.

The Network Engineer Just Got a Second Set of Eyes

There's a specific kind of dread that comes with opening a large enterprise network config file. For Oracle Session Border Controllers — the infrastructure layer that manages every SIP call, every Teams Direct Routing path, every E911 emergency — that config can run to six thousand lines. Inside it are the answers to questions like: why is the Canada leg using a different SRTP policy than the US leg? Why is there a steering pool for a realm that nothing references? Why does this SIP manipulation rule exist and does it still need to?

Finding those answers the traditional way means a senior engineer, a lot of time, and the kind of pattern recognition that only comes from having done this for years.

We just built something different.

What the SBC Analyzer Is

During a recent Oracle SBC engagement at an enterprise client, we built an AI-powered configuration analysis tool that takes a running config — the raw text output of show running-config — and produces a structured, prioritized analysis in about fifteen seconds.

Upload the config. The tool parses it, identifies every realm, session agent, session group, SIP interface, local policy, and manipulation rule. It runs each against a security and design audit. It maps every distinct call path — inbound PSTN, outbound Teams Direct Routing, E911 with Intrado, REFER loop-backs, callback routing. Then it lays it all out in a navigable dashboard: a summary with severity-weighted issue counts, a filterable issues list with descriptions and remediation steps, and interactive call flow diagrams for each path the config defines.

It found fourteen issues in the client's configuration that hadn't been surfaced in prior reviews. Five of them were high severity — including HTTP management enabled on port 80, TLS certificate revocation checking disabled across all four production TLS profiles, and SNMP v1/v2c with no v3 path despite twenty-plus authorized polling IPs. The others ranged from orphaned realms with no active call path to a Cisco SME workaround baked into production SIP manipulation that nobody had thought to document.

All from uploading a text file.

Why This Matters Beyond the Obvious

The obvious value is speed. A review that would take an experienced SBC engineer the better part of a day happens in seconds. But the more interesting value is consistency. Human reviews are shaped by what the reviewer has run into before. The AI model applies the same evaluation criteria to every config, every time — TLS version enforcement, cert revocation, SNMP version, orphaned objects, media security policy asymmetries, codec enforcement on safety-critical paths. It doesn't miss the E911 realm issue because it's focused on the Teams leg.

For an enterprise running multiple SBC sites across geographies, this kind of consistent baseline is genuinely difficult to achieve with traditional staffing.

Where This Goes

The current tool is built for Oracle / Acme Packet configs. The architecture extends naturally. The same approach applies to Cisco CUBE, AudioCodes, Ribbon/GENBAND — any vendor whose running config is structured text. You give it domain knowledge about what good looks like, and it flags what doesn't match.

Beyond single-file analysis, the expansion path looks like this:

Config comparison. Upload two configs — before and after an upgrade, or Site A versus Site B — and get a diff that highlights not just what changed, but which changes represent risk. A new realm with no session agent pointing to it. A SIP manipulation rule added without a corresponding local policy.

Pre-upgrade readiness. Before any firmware change, run the current config through the analyzer and get a report flagging every known incompatibility with the target version. Deprecated ACLI commands. Realms that need to be cleaned up before the upgrade can proceed.

Compliance baseline. Define your organization's standard config policy — TLS must be 1.2, cert revocation must be enabled, HTTP management must be disabled, SNMP must be v3 — and run any config against it. Every deviation is a finding. Every finding has a remediation command. Your compliance posture is auditable, repeatable, and not dependent on who's on shift.

Fleet intelligence. For MSPs managing SBC infrastructure across multiple clients, the tool becomes a fleet dashboard. Each client's config is analyzed on a schedule. Issues are triaged by severity. Changes since last analysis are flagged. The senior engineer's attention goes where it's actually needed.

AI-assisted remediation. The current tool identifies issues and recommends fixes. The next version writes the ACLI commands. You review them, run them, done.

The Honest Assessment

This kind of tooling doesn't replace senior SBC engineering judgment. It changes where that judgment is applied. Instead of spending four hours finding the issues, you spend four hours resolving the ones that matter. The config review that used to require blocking a senior engineer for a day becomes a starting point for a focused, prioritized conversation.

At Safire Business Services, we use tooling like this to do more careful, consistent work on network engagements — and to catch the things that are easy to miss at the end of a long review when you're looking at line five thousand and your eyes are crossing.

If you're managing Oracle SBC infrastructure and want to know what's in your config, we can help.