Post on 30-Oct-2014
transcript
Session border control applications
Session border controller functions & features
Multi-protocol – SIP, H.323, MGCP/NCS, H.248; H.248 border gateway control; interworking – SIP IMS-H.323 & H.323-H.323
Security – SBC DoS protection, access control, topology hiding, privacy, VPN separation, service infrastructure DoS prevention, fraud preventionService reach – surrogate registration IP PBX & IAD endpoints, adaptive NAT traversal, OLIP/VPN bridging, interworking: signaling, transport & encryption protocols; transcoding, address & response code translationsSLA assurance – admission control: session agent constraints, bandwidth, policy server, QoS metrics; peer-peer media release;QoS marking/mapping; QoS reporting, session agent load balancing Revenue & profit protection – bandwidth policing, QoS theft protection, accounting, session timers, routingRegulatory compliance – emergency service (E911) & lawful intercept
Directory
SBC applications
Termination/origination& IP transit services
PSTN O&TIP transit
Hosted IP IC services(network facilities-based)
Voice & video Unified messaging ConferencingPresence & IC
Multimedia collaborationGaming IP PBX trunking
ResidentialServices
BusinessServices
IP Transit& PSTN O&T
PSTN Origination & Termination
PSTN Termination
Customer care
PSTN
ITSP/Voice ASP services
Hosted voice Customer care centers
DirectoryCalling cardMessaging
MobileServices
Security – SBC DoS protection, access control, topology hiding, privacy, VPN separation, service infrastructure DoS prevention, fraud prevention
Service reach – SIP, MGCP/NCS, H.248, SIP-H.323 PBX IWF; adaptive NAT traversal; OLIP bridging; interworking: transport & encryption protocols, surrogate registration IP PBX & IAD endpoints
SLA assurance – admission control:session agent constraints, bandwidth, policy server; peer-peer media release; QoS marking/mapping; QoS reporting
Revenue & profit protection – bandwidth policing, QoS theft protection, accounting, session timers
Regulatory compliance – emergency service (911) & lawful intercept
Hosted IP IC services – residential & SME (SBG-NE)
Signaling Media
H.248
H.323MGCP
Cable Frame/LL
SIP
MGCP
SIP
H.248
DSLWIFI
Wimax
Italtel S.p.A.
PSTN
Netmeeting
H.323 Video Zone
STB + TVCam Microsoft
Messenger
SIP Video Zone
SIP Videophone
Web Video Zone
PC client
PC client
Video Telephony over Three Networks
Cl. 5 iMSS
FastWebNetwork
MediaGateways
STB + TVCam
i-WTS
H.323 VDC Domain
SIP / UMTS VDCDomain
Cl.4 iMSS
3Network
Telecom Italia IP Backbone
China Unicom – residential & enterprise services
3G Video – wireless/IP Convergence
Security – SBC DoS protection, access control, topology hiding, VPN separation, service infrastructure DoS prevention
Service reach – surrogate registration IP PBX endpoints, SIP IMS-H.323 PBX IWF; VPN bridging
SLA assurance – admission control:bandwidth per VPN & site, session agent constraints, policy server; intra-VPN media release; QoS marking/mapping; QoS reporting
Revenue & profit protection – bandwidth policing, QoS theft protection, accounting, session timers
Regulatory compliance – emergency service (911) & lawful intercept
Hosted IP IC services – MPLS VPN-based enterprises
H.323
SIP
SIP
MPLS VPN
Signaling Media
Site2
Site 1
Site3
SIP
Ericsson CSCF
ASHSS
ENUM/DNS
RESIDENTIALDSL ACCESS
NETWORK
MPLS BUSINESS VPNs
Video Over xDSL
MPLS VPNs
SIP/ 3G-324M ViGW
MSC
EricssonMGC/SG
EricssonMGW
H.248
SIP
SIP
SIP
SIP
SIP
MS
SD
SD SD
SIPDiameter
ISUP
ISUP
STP
STP
SSPTDM
Telefonica GPRS/UMTS
Mobile Network
SIP to IMS SD
PSTN
CORE TRANSPORT NETWORK
ACT IADsHotSIP SoftUA
Mediatrix GWsCisco IP PhonesHotSIP SoftUA
Set Top BoxSIP UA
Overall architecture
BGP/MPLSRFC2547
Core Network
VPN ASite 1
10.0.1.0/24
VPN BSite 1
10.0.1.0/24
VPN ASite 2
10.0.2.0/24
VPN BSite 2
10.0.2.0/24
PE
PE PE
VLAN20 VLAN30
BWKS AS
SD HA Node
BWKS NS
Ericsson MGC/SGEricsson
MGW
BWKS MS
Enterprise MPLS VPN services
VoIP Network Architecture
IP PBX
SIP IPPhones
Enterprise
IP VPN
MPLS Backbone
VoIP
PSTN
PSTN
PSTN
IP
On-Net Call
Off-Net Call
GSX
Architecture provides security, quality & scalability Private IP Backbone Session Border Controller (Firewall) Toll Quality
VoIP packets receive highest class of service (QOS) resuting in: Increased security Increased reliability Carrier quality service Minimized latency, packet loss, and jitter
Technology (Best in Class) Session Border Controller: Acme Packet Media Gateway: Sonus
Session Border Controller Advantage Security – Access Control Network Address Translation (NAT) SIP & H.323 Mediation Bandwidth & QOS Management
IPVPNPrivate LineFrameDSLDIA Public Internet
Acme Packet SessionBorder
Controller
Voice ASP/ITSP application (SBG-NE)
Security – SBC DoS protection, access control, topology hiding & privacy, VPN separation, service infrastructure DoS prevention, fraud prevention
Service reach – SIP, SIP-H.323IWF; adaptive NAT traversal; OLIP/VPN bridging; interworking: transport & encryption protocols
SLA assurance – admission control: session agent constraints, bandwidth; peer-peer media release; app/media server load balancing QoS reporting
Revenue & profit protection – routing, accounting
Regulatory compliance – emergency service (911) & lawful intercept
Signaling Media
Data Center
SIP PSTN
SIP
H.323
Database(s)
Accounting
Service provider interconnect (SBG-NC) – VoIP trunking networks
Security – SBC DoS protection, access control, topology hiding, VPN separation, service infrastructure DoS prevention
Service reach – SIP, H.323, IWF: signaling, transport & encryption protocols; OLIP/VPN bridging; transcoding; address & response code translations
SLA assurance – admission control: session agent constraints, bandwidth, policy server, QoS metrics;QoS marking/mapping; QoS reporting
Revenue & profit protection – accounting, session timers, routing & load balancing
B
IP
A
$.03Europe 2Europe 1 $.05
SIPG.729
H.323G.711
SIPG.711
PSTN
USA
Signaling Media
ww
w.f
ibe
rne
t.c
o.u
k
Sw
itch
Soft
ipLCR - VoIP enables 110 operators A logical extension of the LCR trading
community It “bridges” VoIP and PSTN interconnects
It converts SS7 traffic to SIP or H.323 and vice versa
It’s unit of currency is the “trunk group”, mapping 30 VoIP calls to an E1
It supports SIP to SIP and H.323 to H.323
It supports SIP to H.323 and vice versa
Med
ia
Gatew
ayS.B
orde
r Controller
Sw
itch
Soft
S.B
orde
r Controller
Voi
ce
Switch
Sw
itchVoi
ce
Sw
itch
Voice
SDH
IP
Sw
itch
Soft
S.B
orde
r Controller
Sw
itch
Soft
S.B
orde
r Controller
Service provider interconnect (SBG-NC) – PSTN termination & origination
PSTN
Cisco BTS
Nortel CS 2000
NortelPVG
IXC
Cable
AcmePacket
4000 SD
MTA
MTA
CMTS
CMS
MTA
MTA
CMTS
Arris
SIP
NCS
CMS
MTA
MTA
CMTS
Private
Public
IXC– Security – access control,
topology hiding, SBC DoS protection, SS DoS prevention
– Service reach - private-public address space mediation
– SLA assurance - session agent availability testing & load balancing
Cable operator– Security– SLA assurance - QoS DiffServ
marking, QoS reporting – Revenue/profit assurance
- accounting
Contact center application (SBG-NE & NC)
IP MPLS
Internet
CSR 1b
Hosted services (e.g. contact center, ACD, recording)
CustomersCustomers
PSTN
Managed IP subscriber network
Site 1a
Contact center 1
CSR 1c
Site 2a Site 2b
Site 3
Contact center 2
Contact center application- VPN connected sites
MPLS
Internet
Customers
ManagedSIP/H.323, codec X
CSR5
Contact center - SIP/G.711
CSR1 CSR2 CSR3 CSR4
Site A Site B
Security – Net-SAFE: VPN separation, topology hiding, SIP ACD/AS DoS prevention, SBC DoS protection
SLA assurance – admission control – bandwidth per VPN & site, SIP ACD constraints; SIP ACD/AS load balancing & routing, QoS reporting & accounting
Service reach - VPN/OLIP bridging, SIP-H.323 interworking, transcoding
Regulatory compliance – lawful intercept (call data & content)
Contact center application- Internet CSRs
MPLS
Internet
Customers
ManagedSIP/H.323, codec X
CSR5
Contact center - SIP/G.711
CSR1 CSR2 CSR3 CSR4
Site A Site B
Service reach - NAT traversal
Security - signaling & media encryption termination, VPN bridging
SLA assurance - media release – CSRs to customers (no NAT), QoS reporting
Enterprise SBC application (SBG-CE)
Internet
IP access to PSTN, hosted services, IP extranet, other IP subscribers
ManagedSIP services
SOHO
Enterprise site, MPLS VPN or private network
Security – access control (FW), topology hiding (NAT), privacy, VPN separation, IP PBX/endpoint DoS prevention, SBC DoS protection
SLA assurance – admission control: IP PBX/SIP server constraints, bandwidth; QoS marking/VLAN mapping – voice vs. video; QoS reporting, bandwidth policing, accounting
Service reach - VPN/OLIP bridging, SIP-H.323 interworking, adaptive NAT traversal
Regulatory compliance – lawful intercept for universities
H.323 or SIP PBX
SIP
SIP endpoints/server
SIP/TLS
SRTP pass-thru
The leader in session border control
for trusted, first class IMS services