Acme Packet IP trunking for PBX solutions

IP trunking makes use of two main signaling protocols, SIP or H.323. The decisions to use which one is based on the IP PBX installed, service provider service options and availability of signaling interworking functionality. Session Initiation Protocol (SIP) is the predominant signaling protocol in new unified communications deployments and is the favored method for interconnecting enterprise and service provider networks in North America. H.323 signaling is also still widely used by enterprises worldwide and a number of service providers offer H.323-based IP trunking as a service, especially in Europe.

Enterprises—including contact centers, universities and government organizations—have a growing interest in using SIP and H.323 trunks from fixed line service providers for interconnecting IP PBX islands and enabling native IP communications for voice, conferencing, messaging and collaboration applications. As enterprises migrate to an all-IP communications environment, they are looking to service providers to take VoIP traffic from their sites and provide IP-to-PSTN gateway services for inbound and outbound traffic.

Fixed line service providers can help enterprise customers reduce costs by leveraging more efficient and economical IP connections. Direct VoIP peering between enterprise sites also simplifies the introduction of enhanced communications services for enterprise customers.

Our SBCs allow fixed line service providers to provide enterprise customers with IP trunks for connectivity to the PSTN and other enterprise IP networks so their enterprise customers can:

Reduce costs, both capital and operating, by eliminating media gateways and TDM voice trunks, while collapsing applications on existing data network
Simplify operations by transferring media gateway and PSTN interconnection management to a service provider
Accelerate provisioning and deployment since IP interconnects can be provisioned in days as opposed to months
Enhance operations with flexible routing policies that provide cost-effective call termination, disaster recovery and business continuity
Improve quality by eliminating unnecessary IP-to-TDM-to-IP conversions and exploiting high-fidelity codecs
Enable new applications that require end-to-end IP connectivity, such as interactive video, presence, instant messaging, multimedia collaboration and unified communication

Our Net-Net SBCs are compliant with SIPconnect, a SIP Forum initiative that builds on existing IETF standards to define a method for interconnection between IP PBXs and VoIP service provider networks. SIPconnect specifies a reference architecture, required protocols and features, and implementation rules necessary for seamless IP peering between IP PBXs and VoIP service providers.

Enterprises are connecting their VoIP networks to service providers and other organizations using IP as opposed to costly TDM hand-offs for a variety of cost-saving applications, including:

PSTN termination or origination
Enterprise VoIP peering
Hosted services—call recording, conferencing, contact center
Regulatory services—lawful intercept, emergency services

The traffic exchanged today is predominately VoIP, but in the future it will include IP video, multimedia/collaborative sessions and other services making use of IP signaling protocols.

Challenges

Connecting IP PBXs to service providers’ networks using IP trunks introduces challenges and unique requirements for building a trusted and successful border between the enterprise and service provider. Some of the critical capabilities required at this border include:

Security— hiding and protecting network resources and user information from attack and misuse
Application reach— exchanging traffic across heterogeneous networks with differing or conflicting network characteristics, such as IP addresses, signaling and transport protocols, codecs, encryption, etc.
SLA assurance— handling latency-sensitive traffic with high priority and maintaining network availability and high service quality during abnormal busy periods
Regulatory management— enabling emergency service routing and call recording in order to comply with government regulations for VoIP
Cost management— routing calls in cost effective manner and capturing session data for accounting and traffic management and planning

To overcome these challenges, enterprises and services providers are deploying Acme Packet SBCs at both ends of the IP trunk. The SBC enables seamless communications across network borders between the enterprise sites and the service provider network.

Benefits

Our SBCs mediate the differences in the various networks as well as provide security, quality and cost control at the ingress and egress of those networks. Our Net-Net SBCs are designed to satisfy the critical security, service reach maximization, SLA assurance, cost management and regulatory compliance requirements to enable IP trunking for enterprises.

Security

In IP networks, critical resources can be exposed to external parties, thus elevating the risks of denial-of-service (DoS), eavesdropping and other malicious attacks. To protect critical service elements, such as IP PBXs, SIP proxies, Automatic Call Distributors (ACDs) and application servers in the network, our unique Net-SAFE security architecture helps organizations build trusted and secure borders. Our security features protect user and corporate privacy and ensure network availability.

Feature	Benefit
Hardware-based packet filtering and access control	Prevents DoS and DDoS attacks on the SBC and enterprise core infrastructure Prevents unauthorized access Malicious sources are detected and isolated
Dynamic trust management	Classify devices or users as trusted, untrusted or malicious based on signaling behavior Trusted user traffic is prioritized over untrusted user traffic
Dynamic, signaled NAPT and back-to-back signaling	Deep packet inspection of signaling messages strips out confidential information Hides IP layer (layer 3) and signaling topologies (layer 5) from attack Allows architectural and topology changes in the core without affecting interfaces from external parties
Encryption (TLS, IPsec, SRTP)	Protects user privacy Increases scalability by aggregating encrypted connections and offloading processing from the core
Programmable header manipulation	Removes confidential signaling information Signature matching for intrusion detection and virus/worm/malware scanning
Signaling rate limiting	Prevents overload of IP PBX, SIP proxy and other signaling elements
LDAP interface for employee authentication and authorization	Prevents fraud Reduces cost by leveraging existing database
VPN separation	Secure separation of enterprise traffic to different service providers or on internal network
Intrusion detection protection and reporting	Provides protection against and awareness of unknown security threats and suspicious behavior Monitors potential security breaches while limiting false positives
Per-session media bandwidth policing	Prevents media-based DoS attacks Prevents bandwidth theft

Service reach maximization

All IP networks are not the same. They use different signaling, encryption or transport protocols, codecs or overlapping IP address spaces and dial plans. To allow calls to cross from one VoIP network to another, our Net-Net SBCs mediate between heterogeneous networks and maximize the reach of applications, allowing organizations to increase their addressable user base and accelerate deployments.

Feature	Benefit
Multiservice architecture with application virtualization	Partition and dedicate resources to specific applications Reduces the number of network elements Allows for unique application profiles and signaling options Fine-grained traffic, security and QoS controls
Interworking signaling (SIP, H.323), encryption (TLS, IPsec) and transport (TCP, UDP, SCTP) protocols	Maximizes number of networks for interconnection Eliminates need to change service core Freedom to make changes in core network and mediate differences at ingress and egress
Protocol normalization and repair including programmable header manipulation	Increased vendor interoperability Accelerated time-to-market
SIPconnect compliance	Eliminates need for IP PBX or SIP proxy compliance Ensures service provider interoperability
Number normalization and response code translations	Allows heterogeneous networks to interconnect without changing core elements
Overlapping IP address domain mediation and VPN bridging	Directly interface to multiple VPNs to minimize equipment costs Supports connections to external networks using overlapping private address space Secure separation and bridging of traffic Speeds integration of merged entities
Transcoding and filtering of fixed line and mobile codecs	Increases service reach through codec normalization Optimize network resources

SLA assurance

With growing VoIP call volumes, interconnecting enterprise PBXs to service provider VoIP networks can lead to oversubscribed and burdened networks that impact users. Our Net-Net SBCs provide call admission control, load balancing and QoS marketing and reporting features that deliver assured service quality and network availability during abnormal busy periods or network events.

Feature	Benefit
Flexible call admission control: policies defined by session agent constraints, bandwidth and QoS metrics	Prevents network overload Increases network availability
Session agent load balancing	Ensures uptime and availability during peak call times
QoS marking (ToS, DiffServ, MPLS)	Enables priority treatment of VoIP traffic
QoS reporting (jitter, delay, packet loss, MOS)	Determines quality of session from a media perspective Provides data for SLA reporting Aides network optimization Accelerates identification and resolution of problems
Answer Seizure Ratio (ASR) reporting	Determines quality of session from signaling perspective Provides data for SLA reporting Speeds time to identify and isolate problems for resolution and network optimization

Regulatory compliance

Public safety and law enforcement regulations for traditional phone networks are being applied to VoIP networks around the world. Our Net-Net SBCs deliver call routing and replication features and interfaces for regulatory compliance for IP interactive communications.

Feature	Benefit
Emergency session identification and breakout routing and admission control exemption	Enables priority treatment for emergency sessions
Call recording interfaces for external provisioning and post call processing systemsx	Facilitates selective or complete capture of call information, eliminating the need for additional components, reducing costs and complexity Reduces the number of devices for call recording, eliminating costs and decreasing complexity

Cost management

VoIP and other IP interactive communication services are designed to reduce expenses for enterprises. Yet inefficient network utilization and fraud can ruin the intended cash flow benefits. Our Net-Net SBCs deliver call routing, bandwidth policing and accounting features to help ensure the most cost-effective usage of an organization’s network, and the use of ENUM can reduce costs by keeping calls and transfers on-net via SIP trunking.

Feature	Benefit
Flexible routing policies: least cost routing, ASR-based, codec-based, etc.	Enables cost-effective PSTN termination Enables traffic grooming and optimizes call routing Unifies dial plans across IP PBXs and sites
ENUM (electronic numbering)	E.164 phone number routing decisions based on external ENUM database Enables VoIP calls to remain IP end-to-end, avoiding costly and unnecessary PSTN termination and call degradation due to media conversion
Bandwidth policing	Protects against bandwidth theft
Accounting via call detail records (CDRs) or RADIUS	Supports traffic planning and performance management Fraud prevention
Session timers	Prevents fraudulent and stranded calls Enables audit trails for fraud detection