Introducing - Session Border Controllers

Mark Carroll (mcarroll@cisco.com)

MSF – 04/04/2006
MSF SBC Intro Presentation_ID © 2005 Cisco Systems, Inc. All rights reserved. 1

Multiple Industry Drivers
• Network Convergence
• Realization of QoS and SLAs for VoIP
• Embedded Security for User and Service provider
• Regulatory requirements


Session Border Controller – Network Interfaces
[Diagram: S/BCs at the borders between networks. Labeled borders: SP to SP Border, SP to DC Border, Enterprise to SP Border, SP to Enterprise/Residential Border. Other labels: SP1 IP/MPLS Network, SP2 IP/MPLS Network, SP3 IP/MPLS + PSTN, Class 5, AAA, Data Center, Hosted and Managed IP Telephony, Broadband Local Infrastructure Solutions (Cable, Ethernet, T1, E1).]

Where Networks Interconnect?
SBC for Inter-Provider Networking
[Diagram labels: Class 5, AAA, PSTN, SP1 IP/MPLS Network, SP2 IP/MPLS Network, SBC.]

SP-SP Interconnect:
• Eliminates back-to-back media gateways
• Improves media quality
• SBC provides admission control, security, billing, etc.
• Can use the same peering router for voice, video and data


Where Networks Interconnect?
SBC for SP-Access Peering
[Diagram labels: Class 5, AAA, PSTN, SP1 IP/MPLS Network, SP2 IP/MPLS Network, SBC, Managed Enterprise, Unmanaged Enterprise.]

SP-EP/Residential Peering:
• Enables seamless end to end VoIP
• Eliminates TDM interconnect from Enterprise
• Provides protocol IW, NAT/FW traversal, admission control, security, VPN interconnect, billing

So, What Is an SBC?
An SBC enables direct IP-to-IP interconnect between multiple administrative domains for session-based services, providing protocol interworking, security, admission control and management.

Signaling IWF + NAT/FW Traversal + Billing and CDR Normalization + CAC and BW Management + Security Signaling/DoS + Media IWF (DTMF, Codec) = SBC

• SBC is a tool kit of functions

• Depending on the application and deployment scenario, a different set of functions can be turned on/off

High Level SBC Features/Functions
• Protocol Normalization and Interworking
  - Normalization and repair of signaling
  - Inter-working between multiple control planes
  - Secure to Clear Signaling Interworking
  - Signaling Transport Interworking
  - VPN Interworking and Media Optimization

• Service Security
  - Authorization and Authentication
  - NAT and Firewall Traversal
  - Topology and Address hiding (Network & User)
  - Guard against theft of service
  - DoS and Overload Protection

High Level SBC Features/Functions
• Service Assurance
  - Enforcing admission control policies
  - Bandwidth reservation and management
  - Policing, Packet marking, SLA Monitoring
  - Prioritization of signaling messages (Emergency services)

• Media Interworking
  - IPv4 to IPv6 Interworking
  - Transcoding Services and DTMF Interworking
  - Secure to Clear Interworking

• Load Balancing and Session Routing Services
• Billing and CDR Generation
• Support for Lawful Intercept

Deployment Models: Unified or Distributed

[Diagram: Distributed Model and Unified Model panels, each showing an S/BC. Labels: SBE, DBE, H.248, Service Access Control.]

DBE: Data Path Session Border Element Function. Sample tasks: Media Relay, FW, Dynamic pinhole, Quality demarc

SBE: Signaling Path Session Border Element Function. Sample tasks: Signaling IW, NAT/FW Traversal, Topology hiding (SIP/SDP msgs), Voice MG Interop

• In the distributed model, there is a one-to-many relationship between SBE and DBEs
• In the unified model, there is a one-to-one relationship between SBE and DBEs
• The interface between the SBE and DBE is being defined.
• Service Access Control is local to the box and can be message based
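
The SBE and DBE sample tasks listed above (topology hiding in SIP/SDP messages, dynamic pinholes, media relay), shown as an added example that is not from the original slides or from Cisco. The class names `Sbe` and `Dbe`, the addresses, the relay port numbering and the sample INVITE are assumptions, as are long-form header names and a session-level `c=` line.

```python
class Dbe:
    """Data path: allocates relay ports (dynamic pinholes) on its outside address."""
    def __init__(self, ip):
        self.ip, self.pinholes = ip, {}          # relay port -> (inside ip, inside port)

    def open_pinhole(self, inside_ip, inside_port):
        port = 20000 + 2 * len(self.pinholes)    # assumed numbering: even ports from 20000
        self.pinholes[port] = (inside_ip, inside_port)
        return port

class Sbe:
    """Signaling path: rewrites SIP/SDP so no inside address crosses the border."""
    def __init__(self, ip, dbe):
        self.ip, self.dbe, self.saved_vias = ip, dbe, {}   # branch -> inside Vias, for replies

    def hide(self, msg):
        head, _, sdp = msg.partition("\r\n\r\n")
        lines = head.split("\r\n")
        branch = f"z9hG4bKsbe{len(self.saved_vias) + 1}"
        self.saved_vias[branch] = [h for h in lines if h.lower().startswith("via:")]
        out = [lines[0], f"Via: SIP/2.0/UDP {self.ip}:5060;branch={branch}"]
        for h in lines[1:]:
            name = h.split(":", 1)[0].strip().lower()
            if name not in ("via", "record-route", "content-length"):
                out.append(f"Contact: <sip:{self.ip}:5060>" if name == "contact" else h)
        body = self._rewrite_sdp(sdp)
        out.append(f"Content-Length: {len(body.encode())}")
        return "\r\n".join(out) + "\r\n\r\n" + body

    def _rewrite_sdp(self, sdp):
        fields = sdp.split("\r\n")
        inside_ip = next(f.split()[2] for f in fields if f.startswith("c="))
        for i, f in enumerate(fields):
            p = f.split()
            if f[:2] in ("c=", "o="):            # connection and origin both carry the address
                fields[i] = " ".join(p[:-1] + [self.dbe.ip])
            elif f[:2] == "m=":                  # media port becomes a DBE relay port
                relay = self.dbe.open_pinhole(inside_ip, int(p[1]))
                fields[i] = " ".join([p[0], str(relay)] + p[2:])
        return "\r\n".join(fields)

SAMPLE = "\r\n".join([   # constructed INVITE leaving the inside network (RFC 1918 addresses)
    "INVITE sip:bob@sp2.example SIP/2.0",
    "Via: SIP/2.0/UDP 10.1.1.5:5060;branch=z9hG4bKproxy",
    "Via: SIP/2.0/UDP 10.1.9.44:5060;branch=z9hG4bKphone",
    "Record-Route: <sip:10.1.1.5;lr>", "From: <sip:alice@sp1.example>;tag=1",
    "To: <sip:bob@sp2.example>", "Call-ID: c1@sp1.example", "CSeq: 1 INVITE",
    "Contact: <sip:alice@10.1.9.44:5060>", "Content-Type: application/sdp", "",
    "v=0", "o=alice 1 1 IN IP4 10.1.9.44", "s=-", "c=IN IP4 10.1.9.44",
    "t=0 0", "m=audio 49170 RTP/AVP 0", ""])
```

Calling `Sbe("203.0.113.1", Dbe("203.0.113.2")).hide(SAMPLE)` returns the INVITE as the peer network would see it; the inside Via stack stays in `saved_vias` and the media mapping in `pinholes`.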


Cisco IP NGN Architecture
Achieving a Whole Greater Than the Sum of the Parts
[Diagram: layered architecture, an open framework for enabling 'Triple Play on the Move' (Data, Voice, Video, Mobility).
• Application Layer: Data Center, Presence-Based Telephony, Web Services, Mobile Apps, IP Contact Center, Gaming
• Service Layer: Service Exchange (Self Service, Identity, Policy, Billing, Mobility)
• Network Layer: Customer Element, Access/Aggregation, Intelligent Edge, Multiservice Core, Transport, Intelligent Networking
• Operational Layer]