Session border controllers (SBC), a rapidly growing category of network equipment, provides critical control functions to deliver high quality interactive communications—voice, video and multimedia sessions—across IP network borders.
A “session" is any real-time, interactive voice, video or multimedia communication using IP session-layer signaling protocols such as SIP, H.323, MGCP, Megaco/H.248 or RTSP. The "border" is any IP-IP network border such as those between service provider and enterprise, residential or mobile customer/subscriber; or between two service providers. The "control" functions satisfy new requirements in five major areas - security, service reach maximization, service level agreement (SLA) assurance, revenue and cost management and regulatory compliance:
Security - SBCs protect themselves, softswitches, IP PBXs, UC servers and other elements of the service delivery infrastructure, as well as customer networks, systems and relationships. They protect customer networks and session privacy, and provide denial of service (DoS/DDoS) protection from malicious attacks and non-malicious overloads.
Service and application reach maximization - SBCs extend the reach of offered services by enabling interoperability to maximize the different types of networks and devices supported. Support is provided for enabling sessions to traverse existing data firewall/NAT devices, bridging private networks using overlapping IP addresses and virtual private networks, or VPNs, mediating between different signaling, transport and encryption protocols, converting between incompatible codecs, and translating signaling-layer telephone numbers, addresses and response codes.
Service level agreement assurance - SBCs play a critical role in assuring session capacity and quality. They perform admission control to ensure that both the network and service infrastructure has the capacity to support a session with high quality. SBCs also monitor and report actual session quality to determine compliance with performance specifications set forth in service level agreements between service providers, contact centers and large enterprises, and their external or internal customers.
Revenue and cost management - SBCs can help organizations increase revenues and/or control costs by protecting against both bandwidth and quality of service theft, by routing sessions optimally to minimize costs, and by providing accounting and related mechanisms to maximize billable sessions.
Regulatory compliance - SBCs enable compliance with government-mandated regulations worldwide, including emergency services such as E-9-1-1, national government priority services such as Government Emergency Telecommunications Service (GETS), lawful intercept such as the Communications Assistance for Law Enforcement Act (CALEA) in the United States and call recording.
Multiservice security gateways
Multiservice security gateways (MSG) are a very specific type of IP network “border controller” used by mobile service providers. A MSG securely connects subscribers to their mobile voice and data services over the untrusted Internet and/or untrusted wireless networks. As a “gateway” they are deployed at the border between the core mobile services network and the untrusted wired Internet and/or wireless networks that use public, unlicensed spectrum such as WiFi. They are “multiservice” in that they transport both voice and data services. Their “security” function authenticates mobile endpoints, secures the voice and data traffic within IPsec tunnels to ensure privacy and protect against theft, and defends against DoS/DDoS attacks on the mobile service infrastructure at the TCP/IP and IPsec networking levels to deliver non-stop service.
Used in conjunction with WiFi and femtocell access points in homes and businesses, MSGs overcome the poor radio access network coverage found in many geographic areas and inside large buildings. Consequently, they can accelerate fixed-mobile substitution - making the wireless phone the only phone - for today’s mobile circuited-switched TDM voice and IP packet data services. This solution also reduces mobile service provider networking costs by using the “free” Internet for backhaul.
MSGs will also help enable new revenue opportunities by delivering enhanced SIP-based applications such as video sharing, video calling, push-to-talk, home monitoring, instant messaging, multimedia collaboration, white-boarding, international toll bypass and others. Eventually, SIP-based voice will replace today’s circuited-switched TDM basic voice service. These SIP-based services are controlled by the SBC, making the integration of SBC and MSG a natural combination.
Session routing proxies
Session routing proxies (SRP) route SIP-based voice, video, instant messaging and multimedia sessions within and between the mobile, fixed-line and transit networks of service providers. Session routing proxies address scaling problems when session routing decisions become much more complex, requiring a dynamic, real-time routing decision for each individual session for multiple sources and destinations within a network. These source and destinations are other SIP signaling elements such as session border controllers, wireless Mobile Switching Centers (MSC), IMS subscriber call control elements, CLASS 5 softswitches, Cable Modem Termination Systems (CMTS) and softswitches controlling media gateways.
Provisioning routing information and control in each of these SIP elements is extremely expensive and error-prone. Enabling each element to make routing decisions also increases capital costs since additional hardware processing is required by each element. The use of a SRP centralizes and consolidates routing control, reducing costs. Since the source and destination SIP signaling elements are session-stateful, a SRP can operate in a stateless or transaction-stateful mode, maximizing routing performance.
Because the routing table size needed to support SIP-based services can be massive, session routing proxies are capable of using both internal and external routing databases. Internal routing databases best support static, localized routing decisions for up to a few million routes. Routing rules that are extremely dynamic, global or exceed a few million routes are best supported using the high-capacity, centralized external databases.
Acme Packet’s Open Session Routing (OSR) architecture features its session routing proxy using industry-standard ENUM, SIP, XML or DNS protocols to access industry-leading routing database products and services from Acme Packet’s OSR partners. This solution provides tremendous deployment flexibility and facilitates network evolution from small to large numbers of border points and from PSTN to IP network-focused connectivity.
Platforms
Our session border controllers, multiservice security gateways and session routing proxies leverage the rich functionality of Net-Net OS across the industry’s most comprehensive and scalable portfolio of platforms.
