Rapport Session Border Controller

for access
With networks moving to all-IP, the role of Session Border Controllers (SBCs) is
rapidly evolving based on key triggers and challenges that are driven by Voice over
LTE (VoLTE) and its massive scale and by the launch of new services beyond voice
(video, IP messaging) for both consumers and enterprises. In this environment,
it becomes ever more important to economically secure and control media and
signaling streams that cross the edge of service provider network.

The Nokia Rapport™ Session Border Controller (SBC) product supports both access
and peering functions and delivers industry-leading performance and security
capabilities on a 10U commercial-off-the-shelf (COTS) IT server platform as well as
software-only delivery. The Rapport SBC software-only version is available to run
on an OpenStack®-based cloud environment including Nokia CloudBand™, Service
Provider-owned cloud, or Third-party (hosted model) cloud. The product support
integrated as well as decomposed deployment models and independent scaling of
signaling plane and media plane virtual machines (VM).

The Rapport SBC sits at the access edge of the

carrier network where it provides the access
functions. It connects the fixed, mobile or
PacketCable™ access network to the core IP
network while delivering a wide-range of Session
Border Controller functions such as security with
signaling and media firewalls and advanced control
of both the SIP signaling and multimedia flows
(voice, video, messaging, web, etc.).

The Rapport SBC also extends the access solution

to enterprise networks, allowing carriers to manage
IP connectivity service to enterprise customers by
connecting IP-PBX into carrier networks.

1 Data Sheet
Rapport Session Border Controller for access
Security umbrella
Network security is an obvious requirement for
session border control. With IP networks, the
security issues we have experienced on our PCs
are now applicable to the plethora of end-user
devices. Viruses, denial of service (DoS) attacks,
spam over Internet telephony (SPIT), and theft or
misuse of resources and personal information are
just a few of the potential malicious attacks that can
affect smartphones, tablets, PCs, televisions and
other IP-connected devices. The Rapport Border
Controller offers superior protection from malicious
attacks through several dedicated virtual machines
for SIP firewall.
Quality of experience
The Rapport SBC delivers a safe and trusted quality
of experience (QoE) to your subscribers, across
any access (3G, 4G LTE, Wi-Fi®, etc.) and over any
device. Rapport Border supports a vast array of
endpoints, including SIP user equipment (UE), SIP
user agent (UA), softphone, Integrated Access
Device (IAD) and Analog Terminal Adapter (ATA),
enterprise Private Branch Exchange (PBX) as well as
Web Real-Time Communications (WebRTC)-enabled
device
Versatile class of services
Fully integrated with Rapport solution for Service
Providers that leverages Internet Multimedia
Subsystem (IMS) technology, Rapport SBC
preserves existing services such as Voice over
IP (VoIP) for consumers and Session Initiation
Protocol (SIP) trunking for enterprises. Rapport
Border also ensures that any new services,
access methods and devices remain safe from
evolving threats, including support of VoLTE, Video
over LTE (ViLTE), Voice over Wi-Fi (VoWi-Fi), Rich
Communications Services (RCS) and WebRTC.
2 Data Sheet
Bridging telecommunications and
the Web
WebRTC technology allows any device with a
browser to become a smart communicator with the
capability to support sessions that include audio,
video, conference and data (presence, file, image,
etc.). This capability extends the reach of real-time
communications into the Web and opens up new
opportunities to capitalize on existing network
investments and enhance the customer experience.
By using Rapport SBC to extend cohesive value across
telecommunications and the Web, service providers
can increase their total addressable market, create
new markets and inspire Web developers’ innovation.
Features
Access control
• Authentication based on Lightweight Directory
Access Protocol (LDAP) and OAuth protocol
• Call Admission Control (CAC) and bandwidth-
based session admission control
Accounting/reporting requirements
• Real-Time Transport Protocol (RTP) packet loss,
jitter and latency measurement and accounting
• Rf interface to Call Control Function (CCF) for billing
• ASCII and ITU-T Q.825 call detail record (CDR)
generation
Interoperability
• SRTP-SDES/SRTP-DTLS interworking
• MSRP/TLS to MSRP/TCP interworking
• IPv4/IPv6 interworking
• DTMF (RFC 4733) to SIP INFO interworking
Management
• Nokia 1360 Centralized Operations Manager
(COM) element management system
Rapport Session Border Controller for access
• Fault management: Simple Network Management
Protocol (SNMP)
• Provisioning management: XML/CLI
• Performance management: XML
• Accounting management: Diameter 3GPP™
standard Rf interface
Media and transcoding
• Multimedia support, including audio and video
calling, ITU-T T.38-compliant fax over IP and
Message Session Relay Protocol (MSRP)-based
data sessions
• RTP bundling
• RTP/RTCP multiplexing
• QoS remarking
• Optimal media path support
• Media-inactivity detection
• Support for native audio transcoding
Network Control Functions
• Proxy – Call Session Control Function (P-CSCF and
P-CSCF enhanced for WebRTC (eP-CSCF))
• Emergency – CSCF (E-CSCF)
• Breakout Gateway Control Function (BGCF)
• Service-based Policy Decision Function (SPDF)
• Access Transfer Control Function (ATCF)
• Emergency Access Transfer Function (EATF)
• Access-Border Gateway Function (A-BGF)
• Access Transfer Gateway (ATGW)
• WebRTC Gateway
• Web Gateway
Network integration
• Powerful SIP screening capabilities to add,
remove or modify SIP header or message body
based on direction, type of message and header
or parameter regular expression match
• Topology hiding, SIP Back-to-Back User Agent
(B2BUA) and proxy mode; registration caching
and surrogate registration for enterprise PBX
3 Data Sheet
• Support for Nokia and third-party IMS Application
Servers or next-generation network (NGN)
softswitches
Regulatory requirements
• Lawful Interception (LI) support
• Emergency call handling: Enhanced 911 (E911)
• Government Emergency Telecommunications
Service (GETS)
Security
• Integrated SIP firewall
– Handling of line-rate DoS/distributed denial of
service (DDoS) attacks
– Protection against malformed messages
– Per-subscriber rate limiting
• Support for security and transport protocols plus
signaling compression
• Support for Secure Real-Time Transport Protocol
(SRTP)
• Media security: bearer firewall, pinholing and
bandwidth policing
• Network Address Translation (NAT)/Port Address
Translation (PAT) and hosted NAT traversal
Specific service enablers
• VoLTE: enhanced Single Radio Voice Call
Continuity (eSRVCC)
• WebRTC services:
– Support for WebRTC endpoints
– WebRTC to SIP interworking
– MSRP over data channel support for WebRTC
data sessions
• Enterprise services
– Call Recording for enterprise traffic
– Support for trunk group routing and routing
based on called party
– Overlapping address domain/virtual private
network (VPN) support
Rapport Session Border Controller for access
Supported interfaces
• Gm
• Mw
• Mj
• Rf
• Gq
• Rx
• Ia (Ix)
• e2
• Mx
• W2
• W3
• W5
Benefits
• Optimized capital expenditures/operating
expenditures (CAPEX/OPEX) by providing vSBC
on COTS hardware supporting integrated and
decomposed deployment models for a range
of capacities and allowing future migration to
cloud-based deployment
• Built-in Load Balancer to distribute SIP and
Diameter traffic across multiple blades and
provide single IP address toward trusted and
un-trusted interfaces. Eliminates need for
expensive external application-aware load
balancers.
• Virtualized SBC with high performance Media
Plane supporting independent scaling of signaling
and media virtual machines
• Border controller functionality for both wireline
and wireless networks
• Optimal design, with processing power needed
for next-generation presence-based applications
• Best-in-class defense against DoS/DDoS attacks,
with dedicated interfaces for signaling and media
traffic and per-subscriber signaling rate limiting,
preventing communication disruptions when the
Rapport Border Controller is under attack
4 Data Sheet
• Faster service resumption in overload conditions,
with registration prioritization
• Protection of core call-processing assets with
optimal routing, making routing decisions at the
network edge
• Support for VoLTE, WebRTC, Consumer VoIP
(CVoIP) and SIP trunking applications on same
hardware and software
Technical specifications
Performance and capacity*
• Rapport SBC signalling plane for access
(Rapport ISC):
– Each virtual system supports up to 2 million
subscribers with IP Security (IPSec) or
Transport Layer Security (TLS) connections
– Entire chassis dedicated to signaling plane
supports up to 4 million subscribers across
two virtual systems
• Rapport SBC media plane for access (Rapport
MGW):
– Each Gen9 blade supports up to 40,000 RTP
sessions, 600 calls per second (cps) and 8 Gb/s
throughput
– Entire chassis dedicated to media plane
supports up to 320,000 RTP sessions, 4800
CPS and 40 Gb/s throughput
• Capacity for Rapport SBC software-only edition:
– The Rapport SBC signaling plane supports up
to 2 million subscribers per virtual system. The
underlying cloud resource needs vary from
cloud environment to cloud environment.
– The Rapport SBC media plane supports up to
16K RTP sessions per virtual machine.
* Performance and capacity numbers vary by call flow, CODEC,
configuration and feature usage.
Rapport Session Border Controller for access
Reliability
• 99.999% availability

Redundancy
• 1:1 active/standby local redundancy
• Supports N+k geo-redundancy

HP C7000 Chassis front view

Security protocols
• IPSec
HP C7000 certifications
• TLS
The HP BladeSystem c7000 enclosure has been
• Secure Real-Time Transport Protocol (SRTP) evaluated against the following criteria:
• Network Equipment Building Standards (NEBS)
Transport protocols Level 3: GR-63-CORE and GR-1089-CORE
• Transmission Control Protocol (TCP) (GR-63-CORE Issue 3, May 2006; GR-1089-CORE
• User Datagram Protocol (UDP) Issue 4, June 2006)
• Stream Control Transmission Protocol (SCTP) • Climate: ETS-300-019-1, May 1994 and ETS-
300-019-2, May 1994
• CE Mark: EN-300 386
HP C7000 system highlights
• Safety: UL 60950 (or equivalent) and IEC950/EN
• Fully redundant 10U platform
60950
• Dual Onboard Administrators
• EMC qualification for FCC
• Contains six AC or DC power supplies
• Restriction of Hazardous Substances (RoHS)
• Contains 10 hot-plug active fans for cooling
• China RoHS labeling
• Up to 16 Gen 9 blades per chassis
• Waste Electronic and Electrical Equipment (WEEE)
• Each Gen 9 BL460c Server blade supports: marking
– Intel® Xeon® E5-2600 v3 processors
– 2x 12 core CPUs per blade
– 2x 1.2 TB 10K RPM disks, 128GB RAM
• Two HP Pro Curve 6125XLG Blade Switch with
8 x 10 Gb/s interfaces
• 1+1 local redundancy for all hardware
components

Chassis dimensions
• Height: 442 mm (17.4 in) – 10U rack-mountable
• Width: 447 mm (17.6 in) HP C7000 Chassis back view
• Depth: 813 mm (32 in)
• Weight: 224 kg (493 lb)

5 Data Sheet
Rapport Session Border Controller for access
Electrical and operating environment characteristics

Characteristics Typical/nominal value Maximum/range value

AC power

Input voltage 208 V AC 200 V to 240 V AC

Input frequency 50 Hz to 60 Hz —

Input current 5.06 A per input, 30.3 A per chassis at 13.9 A per input, 83.4 A per chassis at
208 V AC 200 V AC

DC power

Input voltage –48 V DC –36 V to –72 V DC

Input current 37.2 A per input, 111.6 per chassis 52.06A per input, 156.2 A per chassis (max)
(at 40 V DC)

Power 5358 W per chassis 6248 W per chassis

Heat dissipation 17,532 BTU/hour 21,319 BTU/hour

Operating temperature range — 10°C (50°F) to 35°C (95°F)

Non-operating temperature range — –30°C (–22°F) to 60°C (140°F)

Nokia is a registered trademark of Nokia Corporation. Other product and company names mentioned herein may be trademarks or trade names of their
respective owners.

Nokia Oyj
Karaportti 3
FI-02610 Espoo
Finland
Tel. +358 (0) 10 44 88 000

Product code: PR1509014191EN

© Nokia 2016 nokia.com