|
Interconnect & peering
VoIP growth is undeniable. Many service providers are using IP networks to reduce the operational and capital costs of trunking PSTN traffic between their networks and data centers and the number of VoIP service subscribers is growing around the world. Yet, this growth resides in VoIP islands that, in most cases, require PSTN connections to go from one service provider network to the next. The next step in network evolution uses IP to interconnect these “islands” of VoIP to expand network reach and revenue potential while minimizing PSTN termination costs. IP interconnects enable service providers to realize several benefits, including: - Lower costs through reduced capital and operational expenditures made possible by leveraging IP service infrastructure of other providers and eliminating PSTN termination or transit costs
- Extend service reach by securely and quickly increasing accessible geographies and subscribers
- Improve quality by eliminating unnecessary IP-to-TDM-to-IP translations and exploiting high fidelity IP codecs
- Enable new service opportunities that require end-to-end IP connectivity such as interactive video, gaming, multimedia collaboration and more
At IP network borders, a session border controller (SBC) is used to mediate the differences in various IP networks as well as provide security, quality and cost control at the ingress and egress of those networks. Our SBCs satisfy the critical security, service reach maximization, cost revenue management, and SLA assurance requirements in IP interconnect and peering deployments. 
Service providers are directly connecting to one another using IP as opposed to costly TDM hand-offs for a variety of revenue-generating service offerings and cost-saving applications, including: - PSTN termination or origination
- IP transit
- VoIP interconnect exchanges
- Neutral registry services
- Regulatory services—lawful intercept, emergency services
- Wholesale hosted services—residential, enterprise or mobile
- Wholesale specialized services—directory, calling card, contact centers
The traffic exchanged today is predominately VoIP, but in the future it will include IP video, gaming, multimedia/collaborative sessions and other services making use of IP signaling protocols.
Interconnecting to other service providers directly via IP introduces challenges and unique requirements for building a trusted and controllable border, including: - Security—hide and protect network resources from attack
- Service reach maximization—exchange routing information and session traffic across heterogeneous networks with conflicting network characteristics to ensure reachability and interoperability
- SLA assurance—maintain service and network availability during abnormal busy periods
- Cost and revenue management—protect against theft of service, minimize session routing costs and capture session data for accounting and billing
Acme Packet’s Net-Net SBCs support all the functional elements required to enable secure, high-quality IP interconnects as defined by the following standards organizations: 
SecurityIn IP networks, critical resources can be exposed to external parties elevating risks of denial-of-service (DoS) and other malicious attacks. To protect revenue-producing elements in the service core, such as softswitches, application servers and media gateways, our unique Net-SAFE security architecture helps service providers build trusted and secure interconnect borders.
Hardware-based packet filtering and access control |
- Prevents DoS and DDoS attacks on the SBC and service infrastructure
- Prevents unauthorized media access
- Detects and isolates malicious sources
|
Dynamic trust management |
- Classify devices or users as trusted, untrusted, or malicious based on signaling behavior
- Trusted user traffic is prioritized over untrusted user traffic
|
Dynamic, signaled NAPT and back-to-back signaling |
- Hides IP layer (layer 3) and signaling topologies (layer 5) from attack
- Allows architectural and topology changes in the core without affecting interfaces from customers and peers
|
Encryption (TLS, IPsec, SRTP) |
- Protects signaling privacy
- Increases service scalability by aggregating encrypted connections and offloading processing from the core
|
Programmable header and parameter manipulation |
- Protects confidential signaling information
- Prevents intrusions and malware
|
Session layer rate limiting |
- Prevents session layer overload of upstream devices
|
Call authentication and authorization |
- Enforces service contract per-user/device
- Prevents fraud
|
VPN separation |
- Enables backbone separation of signaling and media VPNs
|
Per-session media bandwidth policing |
- Prevents media-based DoS attacks
- Prevents bandwidth theft
| Service reach maximizationAll IP networks are not the same. Many use different signaling protocols, codecs or overlapping IP address spaces. To allow calls to cross from one VoIP network to another, our Net-Net SBCs mediate between heterogeneous networks and deliver maximum service reach allowing service providers to increase their addressable customer base and accelerate time to market.
Multiservice architecture with service virtualization |
- Partition and dedicate resources to specific customers
- Reduces the number of network elements
- Allows for unique service profiles and signaling options
- Fine grained traffic, security and QoS controls per service or peer
|
Interworking signaling (SIP, H.323), encryption (TLS, IPsec) and transport (TCP, UDP, SCTP) protocols |
- Maximizes number of networks for interconnection
- Eliminates need to change service core
- Allows changes in service core and mediates differences at ingress and egress
|
Protocol normalization and repair |
- Increases vendor interoperability
- Accelerates time-to-market
|
Programmable header and parameter manipulation |
- Rapid product and vendor interoperability
|
Number normalization, header and response code translations |
- Allows heterogeneous networks to interconnect without changing core elements
|
Overlapping IP address domain mediation and VPN bridging |
- Directly interface to multiple VPNs to minimize equipment costs
- Supports connections to partners using overlapping private address space
- Securely separates and bridges customer or peer traffic
|
Transcoding and filtering of wireline and wireless codecs |
- Increases service reach through codec normalization
- Optimize network bandwidth
| SLA assuranceWith growing VoIP call volumes, IP interconnection can lead to oversubscribed and burdened networks that impact customers. Our Net-Net SBCs provide call admission control, load balancing and QoS marking and reporting features that deliver assured service quality and network availability during abnormal busy periods or network events.
Flexible call admission control: policies defined by session agent constraints, bandwidth, QoS metrics and external policy servers |
- Prevents service core overload
- Increases service availability
|
Session agent load balancing |
- Ensures network uptime and availability during peak call times
|
Layer 2 and layer 3 QoS marking (ToS, DiffServ, MPLS) |
- Enables priority treatment of traffic for premium service quality
|
QoS reporting (packet loss, jitter, delay, MOS) |
- Determines quality of session from a media perspective
- Provides media quality data for SLA reporting
- Speeds time to identify and isolate problems for resolution and network optimization
|
Answer Seizure Ratio (ASR) reporting |
- Determines quality of session from signaling perspective
- Provides data for SLA reporting
- Speeds time to identify and isolate problems for resolution and network optimization
| Cost and revenue managementVoIP and other IP interactive communication services are designed to make money for service providers; yet, inefficient network utilization, improper billing and fraud can ruin these revenue streams or detract from profitability. Acme Packet’s Net-Net SBCs deliver call routing, bandwidth policing and accounting features to help ensure the most profitable usage of a service provider’s network.
Flexible routing policies: least cost routing, ASR-based, codec-based, etc. |
- Enables cost effective call transit and termination
- Lower operational and capital expenditures via traffic grooming and minimizing load on softswitches and core network
|
ENUM (electronic numbering) |
- E.164 phone number routing decisions based on external ENUM database
- Enables VoIP calls to remain IP end-to-end, avoiding costly and unnecessary PSTN termination and call degradation
|
Bandwidth policing |
- Protects against bandwidth theft and abuse
|
Accounting via call detail records (CDRs) or RADIUS |
- Enables session-based billing and settlement
- Supports traffic planning and performance management
|
Session timers |
- Prevents fraudulent and stranded calls
- Enables audit trails for fraud detection
|
|