Session Border Controller and Gateway

• NetDevices Systems are architected for Voice support from ground up
• Modular architecture enables plug-in of 3rd party Session Border Controller Applications
• Addresses VOIP challenges at edge of the network
  • SBC
    • Security
    • QOS
    • Remote Survivability
    • Voice Gateway
    • Policy based forwarding option
    • Provisioning
  • VRF-CE (MPLS support at the Customer Edge)

SBC - Architecture

• All signaling packets are delivered to/thru SGx only after security check
• Call Admission Control through RSVP-Lite like API( done automatically through SIP ALG CAC Client)
• PBR (if configured) enables selective packets redirection (source based), packet sniffing/collection

SBC - Security

• Supports all the critical ALGs for VOIP at edge
  • SIP, TFTP, DHCP, RTSP, UA
• Flexible Session Manager enables rapid development of new ALGs
  EX: UA ALG
• SIP PAD (Protocol Anomaly Detection)
  • Security beyond just Deep Packet Inspection
  • Functionality delivered quickly, programmed through BNF like syntax
• SIP DOS
  • INVITE, REGISTER etc flood attacks
  • Extensible through user configurable SIP message strings

SBC - QOS

• Call Admission Control
  • Ability to configure BW/Call limits
  • Seamlessly implemented through ALGs
    • Ex:- SIP ALG , reserves and tears down BW by passively sniffing the Call Flows
    • Similar extension could be added for UA ALG
• RTP Packet Marking
  • ALG recognizes and marks RTP or/and signalling packets
• Rest of QOS features were discussed in previous sections

SBC – Remote Survivability

• Industry Standard
  • Host Call Manager Lite (for remote survivability) as an ASE application
  • Support for both Passive or Active Survivability modes
• NetD Innovation
  • Leverage SIP-ALG SBC functionality for Heart Beat detection, through passive signal sniffing
  • Cut-over to CM Lite , triggered by SIP-ALG SBC event
  • Leverage dynamic NAT rule generation, redirecting phone registration or signaling

SBC – Voice Gateway

• Analog line based Gateway is under development
• Initially, will support SIP signaling
• Targeted as Voice Gateway during Survivability mode
  • FXO ports providing 911 functionality
• Single Control point (Unified GUI and CLI) to configure the Voice Gateway along with other routing and security features

SBC – PBR

• Policy Based Routing allows routing of packets based on policies specified on egress interface
  • Ex: SBC/AT&T voice solutions for SMB/SMEs requires voice traffic to be directed through a dedicated WAN interface
• PBR enables the applications to treat certain traffic in a special way
  • Allows recognition of voice (signaling, rtp) traffic
    • Ex: Voice recording/sniffing applications

SBC: Provisioning

• Leverage NetDevices Lifeline™ for remote configuration, troubleshooting
• Seamless IP Phone bring-up and Provisioning
  • Supports several DHCP options required for various Phone Vendors
    • Ex: Option 66, Option 150
  • TFTP at the edge
    • TFTP Cache, to handle phone TFTP image requests influx
    • Avoids multiple image requests to pass through WAN
• Hard Disk Line cards, USB memory cards
  • Persistent storage for Voice end points images and configuration files
• HTTPS, ssh for secured remote access

Voice Infrastructure – VRF-CE

• Functionality of Cisco’s “VRF Lite”, “Multi VRF”
• Supports multiple and isolated routing domains, Overlapping address spaces
• Valuable for distributed enterprise branch networks
  • Leverage Alcatel PE based MPLS networks
• End-to-End VOIP application
  • LAN side
    • separate Voice VLAN and Data VLAN
  • WAN
    • Configure two VRF tables - “vrf Voice” and “vrf Data” on each router
  • Bind two OSPF instances , configured for each VRF table.