White Paper - SIP Security and the IMS Core (Continued)
The Survivable Core
With all of the above requirements satisfied we have helped to create a survivable core. Through a combination of firewalling, signal pacing and traffic management, the valuable assets that make up the IMS core can get on with doing their job: providing any service to any device over any network.
Is the signalling firewall a logical component or a physical device? The answer is actually both. There are several functions within the 3GPP and TISPAN IMS definitions that can be considered to be border devices. The P-CSCF is the first point of contact for registration and routing of new calls and is therefore a suitable device in which to implement the signalling firewall. The I-CSCF provides topology hiding for the interconnect point. Within TISPAN, the BCF and BGF functions define signalling and media borders. All these functions may be extended to include the requirements defined above as part of a fully integrated solution. Equally, it is possible to treat the whole IMS as a target and implement the signalling and media protection externally.
What next? SPIT - Detection and Deflection
SPAM over Internet Telephony, or SPIT as it is so colourfully known, is being touted as the next e-plague to descend upon us. This is the voice equivalent of email SPAM, i.e. machine-driven mass dialling to subscribers to deliver junk voice mail. So how can we deal with this? The answer may lie in a two-layered defence of detection and deflection. Many of the best SPAM filters around today are in fact great learning machines: they constantly learn what is SPAM and what is not, they build black lists of known sources, and they can achieve high rates of successful blocking. However, SPAM is non-real-time. To apply this technology to SPIT, the detection engine must employ pattern recognition on calls to determine a potential source. This can be carried out non-intrusively in near-real-time, with the results written to a policy database. The signalling firewall accesses this database and deflects or blocks the signalling, preventing the call from being established.
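An added example, not part of the original white paper: a minimal sketch of the two layers described above, with a detection pass over call records that writes a policy table and a lookup the signalling firewall makes per INVITE. The record fields, the three heuristics (call rate, fan-out, short call duration), their thresholds and the action names are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample call records: (start_s, source, callee, duration_s).
def sample_calls():
    calls = [(i, "sip:bulk@spit.example", f"sip:user{i}@ims.example", 3)
             for i in range(40)]                      # 40 short calls in 40 s
    calls += [(i * 2, "sip:desk@corp.example", f"sip:cust{i}@ims.example", 120)
              for i in range(25)]                     # busy, but real conversations
    calls += [(5, "sip:alice@ims.example", "sip:bob@ims.example", 180),
              (600, "sip:alice@ims.example", "sip:carol@ims.example", 95)]
    return calls

def peak_rate(times, window_s):
    """Largest number of call attempts inside any window_s-second window."""
    times, best, lo = sorted(times), 0, 0
    for hi, t in enumerate(times):
        while t - times[lo] >= window_s:
            lo += 1
        best = max(best, hi - lo + 1)
    return best

def detect(calls, window_s=60, rate_limit=20, fanout_min=0.9, short_call_s=10):
    """Detection layer: offline pass over call records, returns the policy table."""
    by_src = defaultdict(list)
    for start, src, callee, dur in calls:
        by_src[src].append((start, callee, dur))
    policy = {}
    for src, recs in by_src.items():
        if peak_rate([r[0] for r in recs], window_s) < rate_limit:
            continue                                  # not mass dialling
        fanout = len({r[1] for r in recs}) / len(recs)
        short = median(r[2] for r in recs) <= short_call_s
        # Assumed policy: rate alone earns deflection, all three signals a block.
        policy[src] = "block" if fanout >= fanout_min and short else "deflect"
    return policy

def firewall_decision(policy, invite_from):
    """Deflection layer: what the signalling firewall does with an INVITE."""
    action = policy.get(invite_from, "allow")
    return {"block": "reject", "deflect": "divert", "allow": "forward"}[action]
```

The busy corporate source trips the rate check but not the other two signals, so it is deflected rather than blocked, which shows why call rate alone is a poor classifier.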
Conclusion
IMS offers the potential to deliver a great range of innovative services to a range of different networks. In doing so it offers an attractive target for fraud and disruption. The IMS core must be protected through the use of an effective security architecture, either intrinsically as part of the perimeter of the IMS, e.g. a hardened P-CSCF acting as a signalling firewall, or extrinsically by using signalling firewalls to create a DMZ for the core elements.
Newport Networks 1460 provides the carrier class hardware platform required for these duties, either as a P-CSCF itself, or as a signalling firewall protecting a third party P-CSCF. The 1460 can also offer separated signalling and media elements capable of offering full topology hiding and media policing.
Guaranteeing continuity of service is an imperative for service providers deploying IMS cores. The survivable core also forms the cornerstone of delivering reliable Emergency Call Handling and key worker prioritisation - this is discussed in more detail in Newport Networks Emergency Call Handling White Paper.