Presentation is loading. Please wait.

Presentation is loading. Please wait.

The leader in session border control

Published byJackson Gorman Modified over 10 years ago

Similar presentations

Presentation on theme: "The leader in session border control"— Presentation transcript:

1 The leader in session border control
for trusted, first class interactive communications

2 SIP trunking & enterprise SBCs

3 Positive outlook for SIP trunking and SBCs through 2013
CAGR of 91% Still in early stages CY08, $130M in revenue, K SIP trunks North America driving SIP trunking 74% total trunk shipments in CY08 Two dominant SBC players – Acme Packet and Cisco Systems 68% of enterprise SBC revenue from NA in 2008 Session Border Controller CAGR of 49% Infonetics: June 2009

4 Acme Packet is leader in delivering SIP trunking services
SIP trunking availability from APKT service providers exploding 80 deployments and trials today 30 countries Many different IP PBX/UC environments supported APKT in service provider network + APKT in enterprise network = guaranteed interoperability and faster time-to-trunk Same border controls for service provider & enterprise Security SLA assurance Service reach/interoperability All IP trunking protocols supported – RFC 3261 SIP, SIP-I, SIP-T and H.323

5 Why do you need an enterprise SBC?
Many PBX and UC vendors have SIP interfaces or other methods for connecting PBX and UC elements to a carrier SIP trunk service This causes some enterprise telephony and UC managers to ask: If my PBX or UC platform supports a native SIP trunk interface, why can’t I just connect this interface directly to the carrier SIP trunk service? This presentation will address this question and others such as: Why do I need an enterprise SBC for SIP trunking interoperability? Why do I need an enterprise SBC for SIP trunking security? Why do I need an enterprise SBC for SIP trunking control? How does using an enterprise SBC enhance my disaster recovery, troubleshooting, and monitoring capabilities? How is the Acme Packet solution packaged? 5

6 Acme Packet enterprise SBC solution controls four IP network borders
VoIP & UC security SIP trunking SIP & H.323 interoperability Data center disaster recovery Remote site survivability Contact center virtualization Remote site & worker connectivity via the Internet Regulatory compliance – recording & privacy Data centers Contact center, audio/video conferencing, IP Centrex, etc. PSTN Service providers SIP IP subscribers Internet Tele- worker Nomadic/ mobile user H.323 Regional site Remote Private network 1. SIP trunking border 4. Hosted services border 2. Private network border 3. Internet border HQ/ campus IP PBX UC Security – protecting UC resources Service reach maximization – connecting UC islands SLA assurance – guaranteeing capacity and quality Secure connectivity Dynamically defining trusted users/devices Containing unidentified/untrusted users/devices Protecting PBX and HQ/data center core Encryption and privacy Service reach maximization Interworking between H.323/SIP Hosted NAT traversal Normalizing protocol variations – misformed or non-compliant headers Transcoding SLA assurance Call admission control QoS marking/VLAN mapping QoS reporting, bandwidth policing Revenue & cost optimization Increased session control Unified dial plan - DNS, ENUM, LDAP, Local Route Tables (LRT) Policy-based session routing -ToD/DoW, cost, media, etc. Reduced time to deployment 6

7 SIPconnect - enterprise SIP trunking profile accelerates time-to-trunk
SIP Forum spec ratified August 2006, now V1.13 Specifies RFCs that must be supported for SIP trunking SIP, TCP, TLS, RFC 4733 DTMF, G ms, E.164 & URI addresses, SIP server discovery, response codes, IPv4 addresses Service provider Enterprise This SIP Forum document aims to address this issue. In short, this document defines the protocol support, implementation rules, and features required for a predictable interoperable scenario between SIP-enabled IP PBXs and SIP-enabled Service Providers. SIP signaling RFC 3261, Session Initiation Protocol (SIP) Signaling encryption RFC 2246 and 3261, Transport Layer Security (TLS) Media encryption None specified SIP addresses ITU-T recommendation E.164, The international public telecommunications numbering plan DTMF tones RFC 2833, RTP payload for DTMF digits, telephony tones and signals NAT traversal RFC 3489, Simple Traversal of UDP through NAT (STUN) SIP server discovery RFC 3263, Session Initiation Protocol (SIP): Locating SIP servers RFC 2782, DNS RR for specifying the location of services (DNS SRV) PSTN SIP RFC 3261 Media G.711, 20ms TLS

8 SBCs assure service availability & quality
Session admission control – signaling element, network, user Signaling-based – number of call /sessions, signaling rates Media (bandwidth)-based Overload control Non-malicious – load balancing, SIP registration avalanches, mass calling rejection/diversion Malicious Failure detection & recovery - data center redundancy, remote site survivavbility L3 router IP PBX or UC server Service provider SIP trunk/SBC Transport control Packet marking and mapping Media release peer-peer Quality of Experience (QoE) QoS & ASR monitoring, reporting & routing 1. SIP trunking border 4. Hosted services border Contact center, audio/video conferencing, IP Centrex, etc. IP subscribers PSTN Service providers Data centers IP PBX UC Private network Internet H.323 SIP Remote site HQ/ campus SIP Remote site Nomadic/ mobile user Tele- worker Regional site 2. Private network border 3. Internet border

9 SBCs enable regulatory compliance
Call and session recording Replicate session (signaling and media) for recording Session privacy Secure signaling and/or media Emergency calls E-9-1-1 Retrieve location information, add to signaling Route based upon location Prioritize routing (SIP RPH) & IP transport Exempt from admission control polices Data centers Contact center, audio/video conferencing, IP Centrex, etc. PSTN Service providers SIP IP subscribers Internet Tele- worker Nomadic/ mobile user H.323 Regional site Remote Private network 1. SIP trunking border 4. Hosted services border 2. Private network border 3. Internet border HQ/ campus IP PBX UC

10 Contact center, audio/video conferencing, IP Centrex, etc.
SBCs control costs Least cost routing Accounting Fraud prevention Encryption off-load – TLS, IPsec Data centers Contact center, audio/video conferencing, IP Centrex, etc. PSTN Service providers SIP IP subscribers Internet Tele- worker Nomadic/ mobile user H.323 Regional site Remote Private network 1. SIP trunking border 4. Hosted services border 2. Private network border 3. Internet border HQ/ campus IP PBX UC

11 Why use SBC for enterprises & contact centers?
Real-time IP communications is different Sessions initiated from inside or outside of firewall Continuous stream vs. traffic bursts, 2-way flows Latency & jitter very important, loss not so important Security is paramount Multi-protocol and real-time nature of VoIP demands sophisticated stateful defense strategy Signaling overloads occur with network outages, attacks simple to launch Today’s firewalls are insufficient, unable to: Protect themselves or IP PBX/UC resources Open / close RTP media ports in sync with SIP signaling Perform VoIP signaling deep packet inspection Track session state and provide uninterrupted service upon failure Enable VoIP interoperability for all layers/protocols SBCs deliver more than security using back-to-back user agent approach vs. ALG Service reach maximization SLA assurance Regulatory compliance Cost control Traditional firewalls cannot: Prevent SIP-specific overload conditions and malicious attacks Open / close RTP media ports in sync with SIP signaling Track session state and provide uninterrupted service Perform interworking or security on encrypted sessions Scale to handle many 1000s of real-time sessions Provide carrier class availability InfoSec deploy defense-in-depth model with application-level security proxies for and web applications Same model applies for IP telephony, UC and IP contact center applications

12 Summary comparison: SBC vs. firewall with SIP ALGs
SBC (B2BUA) Firewall with SIP ALG SIP trunk IP PBX UC server Data center SIP trunk IP PBX UC server Data center Terminates, re-initiates and initiates signaling & SDP Two sessions - one on each side of system Layer 2-7 state aware Inspects and modifies any application layer header info (SIP, SDP, etc.) Static & dynamic ACLs Unable to terminate, initiate, re-initiate signaling & SDP Single session across system Layer 2-4 state aware Inspects and modifies only application layer addresses (SIP, SDP, etc.) Static ACLs only Acme Packet 12

13 Why use SBC for enterprises & contact centers?
Real-time IP communications is different Sessions initiated from inside or outside of firewall Continuous stream vs. traffic bursts 2-way flows Security is paramount Multi-protocol and real-time nature of VoIP demands sophisticated stateful defense strategy Signaling attacks are simplest to launch Today’s data focused solutions are not enough Lack ability to dynamically correct VoIP connectivity issues Unable to perform VoIP signaling/media deep packet inspection Inability to track session state and provide uninterrupted service Firewalls and routers cannot protect UC resources Back-to-back user agent proven superior to ALG SBCs deliver more than security Service reach maximization SLA assurance Cost optimization

14 SBC vs. alternative approaches
Function & feature examples Acme Packet SBC Firewall w/ SIP ALG IP PBX SIP proxy Router Security DoS/DDoS self-protection IP PBX/SIP proxy DoS prevention Access control-dynamic & static Static only Topology hiding NAT leaks Encryption – signaling & media IPSec tunnels only Software-based signaling only IPSec tunnels Malware & SPIT mitigation Application reach maximization Remote NAT traversal L3 & 5 OLIP/VPN bridging, IPv4-v6 interworking L3 only Interworking; signaling, transport & encryption protocols Overlapping dial plan translations SLA assurance Admission control – signaling resource & bandwidth Call counting only Signaling resource load balancing; QoS/ASR routing Signaling overload control QoS marking and reporting No L5 awareness

15 La Quinta & Extended Stay hotels – SIP trunking and session routing
Application SIP trunking for analog PBXs to reduce PSTN costs Interconnect over 1,000 hotel properties Problems overcome High costs and inefficient PRIs for individual hotels Protect data center VoIP infrastructure NATs block remote worker IP phone calls Inbound call routing & outbound load balancing Remote worker IP phones PSTN Internet Service providers Data center MPLS backbone VM Guest phones Guest phones Guest phones Hotel properties

16 Hanjin – SIP trunking & unified communications
Application SIP trunking to service provider Unified communications across Hanjin Group companies Problems overcome Protect UC and VoIP infrastructure Interoperability with Microsoft Solution for Enhanced VoIP Services using Sylantro’s Synergy Unify offices, reduce complexity Hanjin offices MPLS WAN Uniconverse data center AS AS AS MS PSTN Local service provider

17 Insurance – SIP trunking & Internet access
Application Interconnection of HQ data center to remote sites and agents over Internet SIP trunking to rest of world Problems overcome Protecting core IPT infrastructure Mediation of network differences - overlapping IP addresses and differing protocols Firewall/NAT traversal Privacy for Internet-transported calls Data centers PSTN Service providers SIP Internet Tele- worker Nomadic/ mobile user 1. SIP trunking border 3. Internet border Remote site IP PBX

18 Financial services – SIP trunking & remote worker
Application Connect 40 locations via SIP trunking Multivendor IP-PBX interoperability Support nomadic mobile worker Problems overcome Security on SIP trunks Reduce access & toll costs by changing TDM trunking to SIP SIP-H.323 interoperability NAT traversal for remote workers SIP trunking border PSTN Service providers Data centers IP PBX UC Company overview 600+ PBXs, 800+ voic s, 60+ contact centers worldwide 80,000+ endpoints Multiple IP-PBX vendors $160M+ annual trunking, LD & local calling charges Private network Internet H.323 SIP Remote site HQ/ campus SIP Remote site Nomadic/ mobile user Tele- worker Regional site Private network border Internet border

19 Financial services – SIP trunking & remote worker
Application Connect 40 locations via SIP trunking Multivendor IP-PBX interoperability Support nomadic mobile worker Problems overcome Reduce access & toll costs by changing TDM trunking to SIP Security on SIP trunks SIP-H.323 interoperability NAT traversal for remote workers SIP trunking border PSTN Service providers Data centers IP PBX UC Private network Internet H.323 SIP Remote site HQ/ campus SIP Remote site Nomadic/ mobile user Tele- worker Regional site Private network border Internet border

20 SIP trunking savings spans access, local and long distance costs
PRI trunking SIP trunking Savings

21 Net-Net Enterprise and contact center are transitioning to IP trunking and unified communications Driving need for increased security and connectivity Users pushing boundaries, creating need for increased control Security, service reach and SLA assurance are major issues Voice is mission critical, solution must meet demands Intelligent, dynamic solution required to protect real-time communications services – only SBCs provide this Acme Packet is leading the way Category creator and industry leader Feature rich products led by real-world experience Channel and interop partners in place

22 The leader in session border control
for trusted, first class interactive communications

Download ppt "The leader in session border control"

Similar presentations

Cloud Communications Ecosystem Panel Alan Bugos, Vice President of Technology October 15th, 2013.

Cloud Communications Ecosystem Panel Alan Bugos, Vice President of Technology October 15th, 2013.
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. 1 NG 9-1-1 security: What is a BCF.

Copyright © 2013, Oracle and/or its affiliates. All rights reserved. 1 NG security: What is a BCF.
Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.

Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.
The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
Unleashing the Power of IP Communications Calling Across The Boundaries Mike Burkett, VP Products April 25, 2002.

Unleashing the Power of IP Communications Calling Across The Boundaries Mike Burkett, VP Products April 25, 2002.
IMS and Security Sri Ramachandran NexTone. 2 CONFIDENTIAL © 2006, NexTone Communications. All rights Traditional approaches to Security - The CIA principle.

IMS and Security Sri Ramachandran NexTone. 2 CONFIDENTIAL © 2006, NexTone Communications. All rights Traditional approaches to Security - The CIA principle.
Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.

Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.
Pune, India, 13 – 15 December 2010 ITU-T Kaleidoscope 2010 Beyond the Internet? - Innovations for future networks and services Ivan Gaboli, Virgilio Puglia.

Pune, India, 13 – 15 December 2010 ITU-T Kaleidoscope 2010 Beyond the Internet? - Innovations for future networks and services Ivan Gaboli, Virgilio Puglia.
SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer 651.796.7043

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer
Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.
Johan Garcia Karlstads Universitet Datavetenskap 1 Datakommunikation II Signaling/Voice over IP / SIP Based on material from Henning Schulzrinne, Columbia.

Johan Garcia Karlstads Universitet Datavetenskap 1 Datakommunikation II Signaling/Voice over IP / SIP Based on material from Henning Schulzrinne, Columbia.
Unified Communications: The State of the Industry.

Unified Communications: The State of the Industry.
Aeonix & Ingate Role in Enterprise

Aeonix & Ingate Role in Enterprise
1 What’s Next For SIP Trunking? Carriers Enabling and Bringing WebRTC Features With Their Trunks © 2015 Ingate Systems AB Prepared for:Ingate SIP Trunking,

1 What’s Next For SIP Trunking? Carriers Enabling and Bringing WebRTC Features With Their Trunks © 2015 Ingate Systems AB Prepared for:Ingate SIP Trunking,
SIP Explained Gary Audin Delphi, Inc. Sponsored by

SIP Explained Gary Audin Delphi, Inc. Sponsored by
Sonus SBC1000, SBC 2000 Competitive Positioning

Sonus SBC1000, SBC 2000 Competitive Positioning
ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.

ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.

Similar presentations

Ads by Google