Newport Networks Session Border Controller

Border Controller - Application Specification

The Newport Networks Border Controller Application is deployed as part of a distributed Session Border Controller solution. The Border Controller (BC) application can control one or more Border Gateways using a standard H.248 interface. The BC can be hosted on any of Newport Networks’ range of platforms (see separate data sheets for platform details). Physical separation of signalling and media allows centralised signalling control and distributed media control. The Border Controller enables peering and interconnect of VoIP signalling between operators. In addition, it allows managed IP-based voice and multimedia signalling to be securely delivered to consumers and businesses. Key capabilities provided by the Border Controller application are:

  • The ability to traverse corporate, consumer and core network NAPT and Firewall devices for SIP signalling.
  • Quality of Service enforcement via session admission control.
  • Security protection for the core network, for customers, and for service revenue.
  • Regulatory compliance providing Lawful Intercept and Emergency Call Handling.

The BC can support from under 1,000 to over 190,000 signalling sessions depending on the hosting platform; call processing performance can be scaled independently to achieve up to 1,000 calls per second.

See Release 5.x specifications.

Network Interoperability

SIP is at the heart of every evolving multimedia IP network and provides both the common protocol for these networks to communicate and a powerful framework through which they can differentiate themselves. Being an open and extensible protocol, SIP offers a range of ways to enhance and extend the information that it carries. This has led to many networks using different sub-sets of SIP’s features and, in some cases, using unique extensions to SIP in order to implement useful new features. As a result, many networks are unable to exchange traffic because the methods and features offered are not common between them.

To solve this problem Newport Networks has introduced network profiling to ensure that messages crossing the borders of a network are made compatible with the destination network. This greatly increases the chances of the call completing successfully and therefore maximises revenues.

Message manipulation can be defined per peering network. In addition to user-defined custom network profiles, Newport supplies standard profiles for common types of switches. Message manipulation features include the ability to strip headers, add headers, substitute headers, modify URIs, reject methods and strip MIME bodies. Message manipulation can also be applied to 3GPP headers, including Path, Service-Route, Route, Privacy and P-Asserted-Identity, which can be manipulated appropriately according to the location of the controller within the IMS architecture.

Peering Architecture with Dial Plan feature

The Border Controller supports dial plans which can be created to route calls between networks based on E.164 dialled digits or on FQDN. This feature allows the BC to be used in simple exchange applications without the external Call Routing Engine (described in a separate application note).

Security

Proxy pinhole firewall capabilities protect network resources and subscribers from malicious attacks; Network Address and Port Translation (NAPT) provides topology hiding and ensures connectivity to networks that use private or un-routable addressing schemes. Malicious attack prevention is provided at layer 3/4 and at layer 5 (SIP attacks), automatically protecting the core network and thus service revenues.

Quality of Service

Session Admission Control manages traffic volumes to avoid network congestion, enabling the provision of a deterministic service level to subscribers. Configurable congestion control provides protection from network overload. Multiple CPU levels can be configured to provide traffic levelling and traffic back-off thresholds. This enables progressive levels of traffic throttling, thus smoothing traffic and preventing “flash floods”.

The Newport BC can increase the efficiency of registration servers by performing authenticated de-registration on behalf of the user when it detects the user has left without de-registering. This avoids orphaned entries in the server database and prevents incoming calls being sent to an absent user.

DiffServ Code Point (DSCP) re-marking enables media flow differentiation based on a quality policy to be enforced on a per-user and per-session basis.

Carrier Grade

The BC application can be deployed within a chassis in either redundant or non-redundant mode. In redundant mode the BC functions are deployed in active/stand-by pairs; if there is a failure of either the application or the CPU, the hot stand-by takes over with no loss of data.

Resilient connection to the BC is supported via physical link aggregation (802.3-2002), providing link resilience and load balancing. In addition, LAG Resilience provides additional protection against network outages by routing traffic via alternative LAGs if the primary LAG or hosting network equipment fails. This provides optimal network resilience with the flexibility to adapt to individual network supported scenarios.

The BC application supports the secure traversal of corporate and network-based firewalls and NAT devices, without deploying additional customer premises equipment or replacing existing firewalls and NAT devices. NAT bindings with User Agents are maintained by forcing the UAs to increase the frequency of their re-registrations; excess re-registration messages are filtered by the BC to reduce network traffic and Call Agent loading.

Intelligent load balancing across multiple Call Agents provides the ability to create load balanced groups of Call Agents or Proxy Servers. In the event of a failure of a Call Agent or Proxy Server, new calls will automatically be distributed to the active devices.

Call Agent Status monitoring allows monitoring of the status of all call agents, whether they have been configured in the system or dynamically discovered.

Regulatory

The Border Controller, used in conjunction with Newport Networks’ Border Gateways, provides service providers with a turn-key lawful interception system designed into the signalling and media paths and delivering fully compliant Handover Interfaces.

Support for Emergency Call Handling (ECH) enables the identification of up to 20 pre-defined global and local emergency identifiers, bypassing any policing profiles.

Standards

The Border Controller application complies with the architectural requirements of the ETSI TISPAN standards. The BC acts as a TISPAN Interconnect Border Control Function (IBCF) device.

Key Features

Security

  • Access Control including signalling control of media pinhole firewall (on Border Gateway)
  • Core network topology hiding using NAPT at layer 3 and 5
  • Customer address hiding - Route stripping
  • DoS protection
  • SIP transaction rate limiting per registered customer
  • SIP registration rate limiting
  • Detect and reject malformed packets

Quality of Service

  • Session Admission Control (SAC) per-customer, per-VLAN and per-physical interface:
      • Number of sessions/bandwidth allowed
      • Number of registered users (applied to customer limit only)
  • Policing per-session via H.248 link to Border Gateway
  • Re-mapping of ToS bits and DiffServ codepoints based on:
      • SIP quality parameter
      • Media type and codec in signalling
      • Static mapping table
  • Authenticated de-registration

Regulatory

  • Lawful Interception (CALEA and ETSI). National variants supported.

Carrier Grade Resilience

  • Configurable congestion control
  • Link aggregation (802.3-2002) for resilience and load balancing
  • LAG Resilience
  • Alternate Call Agent routing

Connectivity

  • Layer 2 VLAN tagging (802.1q and 802.1p)
  • Intelligent filtering of SIP re-registration messages

Management

  • Operational configuration and monitoring via Web GUI
  • Full configuration and monitoring using an advanced CLI
  • Alarm and Trap element management using SNMPv3

IETF MIDCOM Compliance

  • Fully compatible with the MIDCOM architecture

ETSI TISPAN Compliance

  • Provides IBCF (Interconnect Border Control Function) capabilities

Signalling Compliance

  • SIP compliant with RFC 2543 and RFC 3261
  • SIP-T compliant with RFC 3372
  • SDP compliant with RFC 2327
  • H.248/Megaco compliant with RFC 3015