Welcome to Scribd!

The Leader in Session Border Control

Uploaded by

0% found this document useful (0 votes)

25 views8 pages

SBCs provide more robust security and functionality than firewalls with SIP ALGs. SBCs can terminate and modify SIP sessions and SDP headers, while firewalls with SIP ALGs are only able to inspect and modify addresses. SBCs support dynamic ACLs, session replication, disaster recovery, and quality of experience-based routing. They can also perform overload control and network abuse prevention. In comparison, firewalls with SIP ALGs only support static ACLs and have limited capabilities for terminating SIP sessions and ensuring availability. SBCs are therefore better suited to meet requirements for security, interoperability, availability and service level agreements.

Original Description:

apkt

Original Title

APKT PB Slides SBCs vs Firewalls 090608

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as ppt, pdf, or txt

0% found this document useful (0 votes)

25 views8 pages

The Leader in Session Border Control

Uploaded by

Nicolas Bonina

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as ppt, pdf, or txt

Jump to Page

You are on page 1of 8

Search inside document

The leader

in session border control

for trusted, first class

interactive communications

Comparison of SBCs
to SIP firewall/ALGs

Summary comparison:
SBCs vs. Firewalls with SIP ALGs
SBC

Firewall with SIP ALG

Back-to-back user agent

Maintains single session

Fully state-aware at
layers 2-7

Fully state-aware at
layers 3 & 4 only

Inspects and modifies any

application layer header info
(SIP, SDP, etc.)

Inspects and modifies only

application layer addresses
(SIP, SDP, etc.)

Can terminate, initiate,

re-initiate signaling & SDP

Unable to terminate, initiate,

re-initiate signaling & SDP

Static & dynamic ACLs

Static ACLs only

Data center
SIP trunking

IP PBX
UC server

Acme Packet

IP PBX
UC server

SBC vs. firewall w/ SIP ALG comparison

Security scenarios
Use case
scenario

Business challenge

Technical requirements

SBC/FW
DoS/DDoS
self-protection

Prevent malicious or
non-malicious SIP
signaling or media
attacks & overloads
from making the SBC
or FW non-responsive

* Dynamically block attacks

* Detect/reject non-compliant

Prevent unauthorized
or fraudulent network
usage

* Control number & bandwidth

Network abuse
control

(signaling, protocol, traffic

levels) SIP sessions
* Initiate SIP BYEs to tear
down core-side sessions
* Statefully control legitimate
SIP registrations during
overloads
of simultaneous sessions
* Strip unauthorized codecs
from SDP headers
* Scan SIP header
attachments for
unauthorized content

Acme Packet

SBC FW w/
ALG

SBC vs. firewall w/ SIP ALG comparison

Application reach, regulatory scenarios
Use case
scenario

Business challenge

Technical requirements

IP PBX and
UC protocol
interworking

Translate dissimilar
signaling (SIP, H.323),
transport (UDP, TCP,
SCTP) & encryption
(none, TLS, SRTP,
IPsec)

* Terminate SIP sessions

and translate layer 2-7

protocol information
* Fix protocol anomalies &
inconsistencies

Enable users behind

Remote site
NAT traversal FW/NATs to originate

* Keep FW pinholes open by

Session
replication
for recording

* Replicate all SIP signaling

and receive VoIP calls

and UC sessions
Comply with regulatory
requirements and
maximize customer
service quality

resetting SIP registration

interval to less than FW
port TTL and caching SIP
registrations by FW IP/port

and media to recording

server(s) in addition to
intended recipient
* Replicate selective or all
sessions

Acme Packet

SBC FW w/
ALG

SBC vs. firewall w/ SIP ALG comparison

Availability scenarios
Use case
scenario

Business challenge

Technical requirements

Data center
disaster
recovery

Assure constant service

availability and quality

* Network SBC detect

Remote site
survivability

Provide alternative path

for VoIP/UC traffic when
primary path becomes
unavailable

* Monitor link and routing

Ensure no loss of active

sessions or session state
during failover

* Checkpointing of SIP

High
availability
operation

failure of datacenter SIP

session agents and reroute SIP sessions
* Datacenter SBC translate
phone numbers in SIP
headers for SIP trunk
geo-redundancy
state of upstream router &
SIP registration state of
remote IP PBX/UC server
* Re-route SIP signaling and
media to alternative
trunking provider, PSTN
media gateway or Internet
signaling, media and
configuration state between
active & standby elements

Acme Packet

SBC

FW w/
ALG

SBC vs. firewall w/ SIP ALG comparison

SLA assurance scenarios
Use case scenario

Business
challenge

Technical requirements

QoE-based
routing

Maximize voice
quality and reliability
of services and
applications

* Actively monitor voice QoS

Ensure continuous
service availability
and quality, even
under adverse traffic
loads and/or attack

* Dynamically monitor server

IP PBX/UC server
session
admission &
overload control

thresholds and ASR

* Re-route or redistribute
traffic as needed
* Release media within
access network to optimize
quality
status and control SIP
signaling flows to IP
PBX/UC servers accordingly

Acme Packet

SBC FW w/
ALG

The leader
in session border control

for trusted, first class

interactive communications

Yokogawa ICSS Overview PDF
Document73 pages
Yokogawa ICSS Overview PDF
scribd8421
100% (2)
Building Telephony Systems with OpenSIPS - Second Edition
From Everand
Building Telephony Systems with OpenSIPS - Second Edition
Goncalves Flavio E.
No ratings yet
Application Layer - Computer Networks Questions & Answers - Sanfoundry
Document8 pages
Application Layer - Computer Networks Questions & Answers - Sanfoundry
raghad mejeed
No ratings yet
Soundwin 2 4 Ip PBX
Document2 pages
Soundwin 2 4 Ip PBX
Aris Sunaryo
No ratings yet
SIP Trunking and Customisation Manual 1.0
Document94 pages
SIP Trunking and Customisation Manual 1.0
Javi Katz
No ratings yet
Avaya - ASBCE Presentation, FINAL
Document23 pages
Avaya - ASBCE Presentation, FINAL
Inamullah Shaikh
No ratings yet
Session Border Controller
Document14 pages
Session Border Controller
dusangeratovic
No ratings yet
Session Border Contoller
Document14 pages
Session Border Contoller
dusangeratovic
No ratings yet
The Sip Schools S Cao Pics
Document6 pages
The Sip Schools S Cao Pics
Ira Slotnick
No ratings yet
Volte Ims Architecture and Sip Signalling
Document60 pages
Volte Ims Architecture and Sip Signalling
Mauricio Lamiña
100% (1)
The Course Outline Avaya Aura SIP Trunking PDF
Document8 pages
The Course Outline Avaya Aura SIP Trunking PDF
Vikash Singh
No ratings yet
ASBCE PortMatrix 6.3
Document14 pages
ASBCE PortMatrix 6.3
Juan Pablo Torres Ferrada
No ratings yet
Acme Packet Session Border Controller
Document35 pages
Acme Packet Session Border Controller
Manuel Eliseo
No ratings yet
Sip Notes New
Document7 pages
Sip Notes New
win_raman
No ratings yet
Tp-Link: Load Balance Broadband Router
Document3 pages
Tp-Link: Load Balance Broadband Router
Luis Dark-passenger
No ratings yet
SBC - Acme Tutorial
Document14 pages
SBC - Acme Tutorial
Bhekisizwe Musi Sikhosana
No ratings yet
04 BroadSoft Technical Overview
Document69 pages
04 BroadSoft Technical Overview
Badr Aziz
100% (1)
D4C1S1 - SEVT Best Practices
Document122 pages
D4C1S1 - SEVT Best Practices
Neo
No ratings yet
Sip
Document10 pages
Sip
Patricia Vaz
No ratings yet
Toc Sip SDP Rel Protocols
Document12 pages
Toc Sip SDP Rel Protocols
Egy Spark
No ratings yet
LSP, Ess, SLS
Document19 pages
LSP, Ess, SLS
shyamu_cgs
No ratings yet
5 Sip 63
Document63 pages
5 Sip 63
ali_zavieh5258
No ratings yet
MA BRKIPM-3007 284349 156-1 v1
Document90 pages
MA BRKIPM-3007 284349 156-1 v1
Onno Manush
No ratings yet
Factsheet AVP254 V1.0
Document4 pages
Factsheet AVP254 V1.0
Sam
No ratings yet
Implementation of Cisco Physical Access Control Solutio
Document114 pages
Implementation of Cisco Physical Access Control Solutio
wong vui torng
No ratings yet
Session Initiation Protocol 1 2002
Document71 pages
Session Initiation Protocol 1 2002
Payal_C
No ratings yet
Tutorial Sip
Document47 pages
Tutorial Sip
sanjeevkry
100% (1)
Durable, Affordable, Feature Rich IP Telephone For The Home Office and Business
Document4 pages
Durable, Affordable, Feature Rich IP Telephone For The Home Office and Business
jortega21
No ratings yet
Next 1
Document139 pages
Next 1
mightytharos123
No ratings yet
IMS Registration Flow Analysis ISSUE 1.0
Document81 pages
IMS Registration Flow Analysis ISSUE 1.0
Florina Ciorîcă
100% (2)
Cisco SPA-112 IP-phone Adapter
Document5 pages
Cisco SPA-112 IP-phone Adapter
frans.eriksen
No ratings yet
Siemen BSC 72
Document2 pages
Siemen BSC 72
Thoranin Taisawad
No ratings yet
A Gateway For SIP Event Interworking: - Sasu Tarkoma & Thalainayar Balasubramanian Ramya
Document20 pages
A Gateway For SIP Event Interworking: - Sasu Tarkoma & Thalainayar Balasubramanian Ramya
Madhunath Yadav
No ratings yet
SIP-Based Architectures For Cisco Contact Center Solutions and Collaboration
Document77 pages
SIP-Based Architectures For Cisco Contact Center Solutions and Collaboration
mky212
No ratings yet
3BDD013090 H en Freelance Version 2013 - Distributed Control System For Process Applications PDF
Document16 pages
3BDD013090 H en Freelance Version 2013 - Distributed Control System For Process Applications PDF
AdelmoKarig
No ratings yet
SP Edge Aggr Ha Bcp.2013 Eur PDF Brkspg-2402
Document120 pages
SP Edge Aggr Ha Bcp.2013 Eur PDF Brkspg-2402
Helios De Creisquer
No ratings yet
Cisco Srw224G4P 24-Port 10/100 + 4-Port Gigabit Switch: Webview/Poe Cisco Small Business Managed Switches
Document5 pages
Cisco Srw224G4P 24-Port 10/100 + 4-Port Gigabit Switch: Webview/Poe Cisco Small Business Managed Switches
Mayobanex Mena
No ratings yet
Cisco Unified Call Manager 5.1 TCP and UDP Port Usage
Document11 pages
Cisco Unified Call Manager 5.1 TCP and UDP Port Usage
Onechina Citeabc
No ratings yet
G250 G350 Security PDF
Document40 pages
G250 G350 Security PDF
José Dalmi
No ratings yet
Configure Cube Cucm Sip 00
Document6 pages
Configure Cube Cucm Sip 00
Şerif Şahin
No ratings yet
VoIP Soft Switch 1
Document33 pages
VoIP Soft Switch 1
Ajaykumar Singh
No ratings yet
Mizu WebPhone
Document53 pages
Mizu WebPhone
Prasad Prasada
No ratings yet
Session Initiation Protocol Gateway Call Flows and Compliance Information
Document148 pages
Session Initiation Protocol Gateway Call Flows and Compliance Information
V4mpjr3
No ratings yet
An Overview of IPMI
Document53 pages
An Overview of IPMI
Basin Buldeo
No ratings yet
PB SIMBA Profibus Hardware Platform-En
Document2 pages
PB SIMBA Profibus Hardware Platform-En
sybaritz
No ratings yet
SR - No. Specifications A Basic: Technical Specifications of Dcs
Document12 pages
SR - No. Specifications A Basic: Technical Specifications of Dcs
Mahesh Chaudhari
No ratings yet
Enterprise Networking Assignment
Document19 pages
Enterprise Networking Assignment
Harris Nantikwa
No ratings yet
10/100/1000 Ethernet MAC With Protocol Acceleration MAC-NET Core
Document7 pages
10/100/1000 Ethernet MAC With Protocol Acceleration MAC-NET Core
陳思明
No ratings yet
OpenScape Session Border Controller
Document8 pages
OpenScape Session Border Controller
Kossay Ben Achour
No ratings yet
SANBlaze FC Emulation Datasheet PDF
Document2 pages
SANBlaze FC Emulation Datasheet PDF
Yilmer Zorrilla
No ratings yet
Broadsoft Solutions Guide For Vvx1500
Document24 pages
Broadsoft Solutions Guide For Vvx1500
Vinod Kumar Dhiman
No ratings yet
Cisco SPA901 1-Line IP Phone Cisco Small Business IP Phone
Document6 pages
Cisco SPA901 1-Line IP Phone Cisco Small Business IP Phone
Eden
No ratings yet
Model 450: 4 Port Wifi Modem
Document1 page
Model 450: 4 Port Wifi Modem
Rajesh Maurya
No ratings yet
DDR 4 Verification Ip
Document1 page
DDR 4 Verification Ip
Sam
No ratings yet
Alu MX52 CM
Document57 pages
Alu MX52 CM
Omar Alejandro Valdez Duran
No ratings yet
Cisco Spiad - Labv1.3.1
Document91 pages
Cisco Spiad - Labv1.3.1
fernando Jmz
No ratings yet
FreeSWITCH 1.2
From Everand
FreeSWITCH 1.2
Anthony Minessale
No ratings yet
IP Telephony: Deploying VoIP Protocols and IMS Infrastructure
From Everand
IP Telephony: Deploying VoIP Protocols and IMS Infrastructure
Olivier Hersent
No ratings yet
FPGAs: Instant Access
From Everand
FPGAs: Instant Access
Clive Maxfield
No ratings yet
Advanced Internet Protocols, Services, and Applications
From Everand
Advanced Internet Protocols, Services, and Applications
Eiji Oki
No ratings yet
Versatile Routing and Services with BGP: Understanding and Implementing BGP in SR-OS
From Everand
Versatile Routing and Services with BGP: Understanding and Implementing BGP in SR-OS
Alcatel-Lucent
No ratings yet
802.1x Ed-01
Document12 pages
802.1x Ed-01
Nicolas Bonina
No ratings yet
Tacacs+ Config
Document6 pages
Tacacs+ Config
Nicolas Bonina
No ratings yet
Intermediate Release Notes: Omniswitch 6860/6860E
Document3 pages
Intermediate Release Notes: Omniswitch 6860/6860E
Nicolas Bonina
No ratings yet
Nokia Flexi Zone Outdoor Micro-Pico Bts Datasheet
Document3 pages
Nokia Flexi Zone Outdoor Micro-Pico Bts Datasheet
Nicolas Bonina
100% (4)
Lte Mimo
Document35 pages
Lte Mimo
Cristian Benitez
100% (7)
TC1483en Ed01
Document5 pages
TC1483en Ed01
Nicolas Bonina
No ratings yet
Phasein - Omnipcx Office: Alcatel-Lucent Open Rce Fax Server
Document4 pages
Phasein - Omnipcx Office: Alcatel-Lucent Open Rce Fax Server
Nicolas Bonina
No ratings yet
Capture
Document8 pages
Capture
Nicolas Bonina
No ratings yet
Fortios v5.2.2 Release Notes
Document29 pages
Fortios v5.2.2 Release Notes
Nicolas Bonina
No ratings yet
AOS-W 6.2.1.4 Release Notes
Document78 pages
AOS-W 6.2.1.4 Release Notes
Nicolas Bonina
No ratings yet
Supported Upgrade Paths For FortiOS™ Firmware To 5.2.2
Document21 pages
Supported Upgrade Paths For FortiOS™ Firmware To 5.2.2
Nicolas Bonina
No ratings yet
Alcatel Lucent (ECS)
Document1 page
Alcatel Lucent (ECS)
Nicolas Bonina
No ratings yet
ClearPass With AOS - 802.1x UNP RoleMapping
Document11 pages
ClearPass With AOS - 802.1x UNP RoleMapping
Nicolas Bonina
No ratings yet
7.4.1 Packet Tracer - Implement DHCPv4
Document2 pages
7.4.1 Packet Tracer - Implement DHCPv4
Umayra Yusoff
No ratings yet
Switching Technologies-1
Document28 pages
Switching Technologies-1
Ali Kamil Aldulimy
No ratings yet
AIR-CT3504-K9 - Datasheet
Document9 pages
AIR-CT3504-K9 - Datasheet
Igor Luna Victoria García
No ratings yet
The ISCOM2100 Series: Complete Access Easy Management and Maintenance
Document2 pages
The ISCOM2100 Series: Complete Access Easy Management and Maintenance
berne
No ratings yet
Log
Document109 pages
Log
ANANDA Salsabila
No ratings yet
Show IP Protocols - Site-To-site IPSec VPN Configuration Example (Pt-Ipsec - PKT), Using Packet Tracer Version 5
Document4 pages
Show IP Protocols - Site-To-site IPSec VPN Configuration Example (Pt-Ipsec - PKT), Using Packet Tracer Version 5
mandolinaro
No ratings yet
NS2 Wired With TCP EXTRA
Document111 pages
NS2 Wired With TCP EXTRA
rbharath2009
100% (1)
Network Settings
Document3 pages
Network Settings
dhiec
No ratings yet
Infobip HTTP API and SMPP Specification
Document37 pages
Infobip HTTP API and SMPP Specification
Bat Moj
No ratings yet
AaKash CN 2019
Document10 pages
AaKash CN 2019
man iron
No ratings yet
CV - Tural Gasimov
Document3 pages
CV - Tural Gasimov
Tural Gasimov
No ratings yet
Erasmus Application Procedure 2014-2015
Document3 pages
Erasmus Application Procedure 2014-2015
Hindrescu Dragos
No ratings yet
Robust Header Compression - ROHC
Document5 pages
Robust Header Compression - ROHC
East Prepost
No ratings yet
Model Question Paper - Adhoc Networks
Document2 pages
Model Question Paper - Adhoc Networks
suresh viswam
No ratings yet
Lecture 05
Document24 pages
Lecture 05
Abdul Ghani Khan
100% (1)
HIKvision 123
Document4 pages
HIKvision 123
Nanang Ok
100% (1)
Mib 2
Document112 pages
Mib 2
William Negri
No ratings yet
21CS62 Tie Simp
Document4 pages
21CS62 Tie Simp
vtuhub2021
No ratings yet
CCNA3 1.2.5 Verifying RIPv2 Configuraiton Lab Handout
Document2 pages
CCNA3 1.2.5 Verifying RIPv2 Configuraiton Lab Handout
Awash Balyan
No ratings yet
Catalyst 4500 Installation
Document22 pages
Catalyst 4500 Installation
kwark
No ratings yet
Network Lab by Armstrong
Document52 pages
Network Lab by Armstrong
armstrongjoseph1908
No ratings yet
Question 1
Document3 pages
Question 1
Rahul Lakhmara
No ratings yet
Cis82 ACL Lab
Document14 pages
Cis82 ACL Lab
Usama Weince Jutt
No ratings yet
Hillstone E-1000 Series Next-Generation Firewall: E1100W / E1100WG3w / E1600 / E1606 / E1700
Document4 pages
Hillstone E-1000 Series Next-Generation Firewall: E1100W / E1100WG3w / E1600 / E1606 / E1700
Isabél Campoverde
No ratings yet
First
Document1 page
First
bharathimanian
No ratings yet
Sensebot Log
Document9 pages
Sensebot Log
Baba Bibi
No ratings yet
Computer Network Lesson Plan - Updated
Document2 pages
Computer Network Lesson Plan - Updated
Amit Prakash Sen
No ratings yet
Fx505dy SCH
Document62 pages
Fx505dy SCH
Julio Alberto Espinoza
No ratings yet
Naufal
Document9 pages
Naufal
Naufal Hanif Al-Bughury
No ratings yet