Acme Packet Session Border Controller
Acme Packet Session Border Controller
Acme Packet Session Border Controller
Agenda
Why should I care about SBCs? What is an SBC? Product Overview Working together
Beep Beep
Argh!~
Why should I care about SBCs? Reduce cost Deliver business agility Secure loyal customers
Market Trends
Service providers Making SIP value available to enterprises Relying on SBCs for peering and secure access
Enterprises and contact centres Embracing converged voice/data for UC, CC, & CEBP Migrating increasingly to SIP Moving to SIP trunking for lower costs & power consumption Recognizing identity, trust and security as critical to UC success Dealing with interworking and regulatory concerns
The Internet
The Federnet
F F F
In IP, we trust no one Addresses will forever be a collection of heterogeneous schemes SIP is not the only signaling protocol Codecs will never converge to a couple - audio & video Unlimited bandwidth, QoS and signaling resources will forever be a myth Some sessions are more valuable than others IP IC regulation will increase Business models will never be homogenous
CM
SM
TDM Trunks
SM
SM
SIP Trunks
Internet Avaya CM
Branch / Stand alone
Access
3rd
Party PBXs
G860
ooo
Defend SIP signaling elements against security threats, overloads Eliminate border signaling and many other interoperability issues Preserve session quality under load and adverse conditions Extend Avaya application reach across IP network borders Support regulatory compliance Key Benefits Faster Avaya solutions deployment at lower risk and cost Safe use of cost-effective SIP trunks High-quality session delivery to workers across the enterprise Improves customers options for customizing their networks
What is an SBC?
Session real-time, interactive communications voice, video & multimedia - using SIP,
Interconnect/peering: between service providers Subscriber access: enterprise, residential or mobile services Data center: retail or wholesale services Enterprise: intra- & extra-enterprise Security Service reach maximization SLA assurance Revenue & cost optimization Regulatory compliance
Large enterprise Mobile services Residential & business services PSTN origination & termination IP transit
IP contact center Directory services
PSTN termination
Control
Prevent SIP-specific overload conditions and malicious attacks Open / close RTP media ports in sync with SIP signaling Track session state and provide uninterrupted service Perform interworking or security on encrypted sessions Scale to handle many 1000s of real-time sessions Provide carrier class availability
applications
SIP trunking and border interworking Remote site & worker connectivity Reduced maintenance costs
Federated partners
APKT
To PSTN
APKT APKT
APKT
UC security
Private network
H.323 SIP
Internet
APKT
SIP
Regional site
Remote site
HQ/ campus
Teleworker
Remote site
3. Internet border
Product Overview
Large
Data Center Data Center (w/transcoding)
UC CC
750-2,500 75-250
1,250-40,000 125-4,000
5,000-80,000 500-8,000
20,000-360,000 2,000-36,000
150-500
250-8,000
1,000-16,000
4,000-72,000
Dynamic, session-aware access control for signaling & media Support for L2 and L3 VPN services & traffic separation SBC DoS protection Fraud prevention Service infrastructure DoS prevention Access control
NN-SD
Http Request
Source Source
IP address/range IP Port
X X X
Protocol
IP address IP port
+ Physical Port
NN-SD
Registration Status
SIP Invite
Traffic
or Destination URI
format
SIP Invite Reject with 503 Unavailable (configurable response) Bandwidth Exceeds Allowed LImit
Codec
type
Bandwidth
Next hop)
Signaling
Net-Net SD Dynamically Opens ports for RTP/RTCP (Media streams) Secure Latching
FW Must Keep ports open at all Times
10.0.0.1
Net-Net
136.2.7.100
Open a media port from pool X. Remember mapping from 10.100.1.100(Pool X) to 136.2.7.100:4300
Open media port from Pool Y. Remember mapping from 192.168.11.101 (Pool Y) to 10.0.0.1:1046;
BYE 200 OK
X
Close Media Ports and Removed from SBC cache
Details Regular expression search and store capability Ability to do repetitive search and replace Boolean logic support Supports operations on MIME body, e.g. SDP Allows codec re-ordering & stripping Ability to insert information into Call Detail Record VSAs HMR for ISUP (conversion between any variation of SIP, SIP-I, SIP-T)
Inbound VoIP/UC cant get through DSL/cable modem firewall / NAT Home worker cant reconfigure FW/NAT NAT-T techniques (STUN / TURN / ICE) are limited and vary widely by device: an IT support headache
Remote User
Internet
Standardizes NAT methodology Proven solution: globally deployed Scalable with very low latency
IPT
UC
CC
No end-user action required One centralized box to manage One methodology for NAT traversal
Segment A
Benefits
Segment B
Enables real-time evaluation of network & route performance Enables Enterprises to validate SLAs from their service providers QoS based call admission control
Capabilities
Per-flow statistics including jitter, latency, packet loss, byte and packet counters Hardware based RTP/RTCP header inspection no performance impact Reported through call accounting interface (Radius) or via FTP
IP Session Replication
Benefit reduces costs and decreases
complexity
number of devices/interfaces involved in call capture and replication; SBC scales better than alternative methods provisioned per ingress realm SBC replicates and forwards signaling and media SBC load balances session across recording servers
Avaya PBX ACM/ASM
High Availability
No loss of active sessions (media
sd0.co.jp Active 10.0.0.1 Standby
and signaling)
Supports new calls 1:1 Active Standby architecture Failover for Node failure, network failure,
New call
Working together
UC Reference Architecture
SIP Trunking Service
Remote clients
Internet
SIP
SIP
RTP
PBX ACM / DO
SIP
SIP SIP
PBX Router
PBX Avaya SM
SIP
SIP
SIP
Branch Office
PBX Avaya CM
HQ/Regional Data Center
Customer choice of complete local call processing intelligence in branch or if desired, no survivability Avaya Session Manager implements session routing for inter-branch and branch to HQ; manages
locations
SBC provides secure access to centralized SIP trunking services for HQ/regional centers
27
SITL will certify SIP trunks Testing ongoing in NA, CALA, EMEA, and APAC
Top tier customers worldwide 600+ customers in 92 countries 29 of top 30, 89 of the top 100 service providers
Revenue ($M)
$84.1
$116.4 $113.1
Burlington, MA headquarters
$16.0 $3.3
2003
2004
2005
2006
2007
2008
Competition
Primary competitive threat: customer inertia Ignorance of need for SBCs IT security staffs must be educated
Next-best threat: Cisco Unified Border Element (CUBE) All software: small scale, low performance Lacks DoS protection, advanced routing, high availability Years behind on features and protocol support Very limited non-Cisco product interoperability
Go-to-market strategy
Channel focus in EMEA - over 60 people
Business and channel development provide commercial and technical support Direct touch Sales and Engineering team directly supports opportunities EMEA HQ in Madrid has training and lab facilities Field systems engineering supports evaluations & trials, informal training
Protocol and platform focus areas Telephone hotline for critical problems Web portal
Training
Reduce cost and increases value of Avaya solution Enables secure use of cost-effective SIP trunks Supports Flatten Consolidate & Extend (FCE) model
Provide a competitive advantage over Cisco Superior SBC solution Strong relationships with service providers Prevent Cisco from getting more foothold
33
Value proposition
The: is for: who need to: in order to:
Acme Packet SBC solutions Mid- to large-size enterprises and contact centres across all vertical markets and geographies Connect to public/private SIP Trunk Services, and support Remote / Mobile Workers Reduce cost Deliver business agility Secure loyal customers Meet regulatory compliance mandates
Andreas Waechter, Sales Director, Enterprise, awaechter@acmepacket.com (Germany) Margie Frasier, Channel Development Manager, mfrasier@acmepacket.com (Italy) Geraint Evans, Technical Director, gevans@acmepacket.com (UK)
HEADQUARTERS
Relationship Manager: Neil Segall nsegall@acmepacket.com Technical Director: Ray DeQuiroz, rdequiroz@acmepacket.com Chief Engineer: Mike Aglietti, maglietti@acmepacket.com Channel Development: Laurie Coppola lcoppola@acmepacket.com