February 2002

BY ERIK GIESA AND MATT LAZARO

Carriers are looking for ways to tap into the tremendous market potential for terminating PC and phone-based, SIP-based voice and data traffic to the public switched telephone network (PSTN). And one of the most compelling examples of just how large this market potential has become was released on Oct. 25, 2001, when Microsoft unveiled its Windows XP operating system and its new SIP-based Messenger client, which included PC-to-phone calling capabilities. While this PC-to-phone termination market will offer strong rewards for carriers offering wholesale termination/origination services, these carriers will need to have the flexibility to support their customers with new business models such as application hosting and new SIP-based services that go beyond simply terminating Messenger-based traffic.

As they build networks to support the revenue streams enabled by Messenger termination traffic, service providers should take this opportunity to deploy an infrastructure solution that goes beyond the immediate Messenger opportunity and sets the stage for maximum future revenues at the minimum incremental cost. Service providers can maximize revenues by offering a rich set of converged services on a retail or wholesale basis to consumer or enterprise markets, or by offering hosted or wholesale services to other service providers. At the same time, providers can minimize their costs by implementing a network infrastructure that supports best-in-class products from industry-leading third-party suppliers.

In designing and implementing SIP-capable networks, core carriers will be required to achieve superior levels of performance, five-nines reliability, and scalability in order to guarantee call quality and ensure application integrity. For example, SIP-based networks should be designed to handle large volumes of traffic where an individual SIP gateway can scale linearly to support more than three million busy calls per hour. Carriers must meet or exceed the benchmarks set by legacy equipment on the traditional telephony network.

Carriers should be ready to offer enhanced services that go beyond wholesale SIP origination and termination, with new services like calling card, conferencing, unified messaging, and presence-enabled applications. Facilities-based service providers are looking to provide whole SIP-based origination (routing PSTN calls to IP-devices such as Windows Messenger clients) and termination (routing IP-based calls to the PSTN). By outsourcing their IP-to-PSTN interconnection to wholesale carriers, Internet telephony service providers and other enhanced service providers can avoid building their own VoIP networks, and instead focus on developing applications and serving their subscribers.

In order to efficiently meet these demands, however, a strong foundation is first required. Which products are needed, and what are the steps that service providers need to take to ensure their success in this enormous market opportunity? And what�s the big deal about SIP, especially now?

The Dawn of A New Era
The market anticipates heavy volumes of SIP voice traffic generated by the Windows Messenger features incorporated in the Microsoft Windows XP operating system. In recent reviews, Windows Messenger has been seen as a �killer app� because of its comprehensive unified and real-time messaging functions in an easy to use interface. As a result, adoption is expected to be rapid: We estimate that monthly SIP minutes terminated to the PSTN by Messenger users will rise from less than 500 million in 2001 to nearly 3 billion by 2005, a 70 percent combined annual growth rate. SIP also provides a framework for developing an enriched mobile communications experience in the all-IP third generation (3G) mobile networks, for which SIP has been designated as the signaling and call control standard.

The key considerations in designing and deploying a SIP-based communications network should be scalability, extensibility, reliability, and performance. Or, put another way, a converged communications network must be able to evolve in three key areas: Application growth, capacity growth, and changes in the overall business model.

Application growth: Messenger termination is only one of many SIP-based services that wholesale carriers can offer. The network must enable the rapid deployment of feature-rich applications that can be quickly developed with today�s application server development environments. Applications can include enhanced applications such as presence-enabled conference calling as well as revenue-generating traditional voice applications such as one-number or prepaid calling services.

Capacity growth: Networks designed to support converged services such as voice, presence, instant messaging (IM), and unified messaging must be able to scale in a near-linear manner to handle expected growth. This scalability must apply to the three main functional planes (or requirements) of a SIP network: Security, accounting, and routing. An increase in overall network traffic will drive capacity needs at the routing core. An increase in the number of applications supported will require an application platform that can support multiple applications, while providing incremental capacity for those applications as usage grows. An important consideration here is that each of these functional areas -- security, accounting, and routing -- must be able to scale independently.

Business model growth: Since a service provider�s business goals will change over time, its SIP infrastructure must be flexible enough to support these evolving goals. Specifically, the SIP network must be able to support four critical changes: Separation of applications from the network facilities, ownership of applications (which must be dictated by business considerations, not network considerations), separation of subscribers from network facilities, and flexibility in subscriber ownership.

Building The Foundation: A Windows Messenger Example
With these architectural considerations in mind, let�s take a look at some of the key network elements that a wholesale carrier might deploy to build a converged network infrastructure. Such a �future proof� network could be used to deliver Microsoft Messenger termination services as well as many other enhanced applications.

Routing Engine
A routing engine offers programmable routing intelligence, a small footprint and centralized, aggregate administration, resulting in a powerful and economical carrier-class solution. To allow for the manageability and scalability demanded in today�s voice networks, the engine is typically deployed as part of a fault-tolerant node consisting of two or more engines and SIP-aware load balancers. When deployed in a redundant network, the engines can discover network outages and be configured to automatically route around them and rediscover routes without human intervention. The key idea here is that as many routing engines as necessary, in conjunction with SIP-aware load balancers, can be deployed to deliver carrier-grade performance. The aggregate manager allows the entire cluster of routing engines and load balancers to be monitored and managed as a single node, greatly simplifying network management.

Load Balancer/Traffic Manager
Considered the �glue� of a SIP-enabled network, the load balancer should front-end all redundant mission-critical elements of a SIP origination and termination solution -- beginning at the firewall, and flowing through the proxies and route engines, all the way back to the application servers. An intelligent traffic management and load balancing solution ensures high availability and reliability of SIP-based services.

By intelligently distributing SIP traffic among multiple SIP proxy servers, an intelligent load balancer can enhance the performance and availability of the solution, providing carrier-class uptime (five-nines) and reliability. Look for a solution that provides carrier-grade performance and effectively scales SIP traffic by intercepting, inspecting, transforming, and directing traffic flowing through SIP proxy servers. It should load-balance SIP traffic and provide application persistence based on the unique SIP caller ID to ensure application and transaction integrity. An intelligent load balancer/traffic manager ensures application and call integrity by making sure that traffic persists to the correct destination and by providing session state fail-over in the event of failure on back-end proxies or route engines. Additionally, to ensure reliability and availability of SIP services, the product should be able to check their health and availability of these proxies or route engines before routing traffic.

We should note that the combination of a core routing engine and a SIP-aware load balancer is an ideal example of what we mean by linear scalability at each functional plane -- in this case, the routing plane. For example, proxy servers have built-in load-balancing capabilities that are used mainly for lower-density situations. Proxy vendors work with leading vendors who provide hardware-based SIP load balancers for high-density applications. The result of SIP load balancing is that networks can grow linearly to keep pace with additional utilization. This �pay as you grow� strategy is possible at multiple layers of the network. For example, the access network can be grown linearly to support new sources of network traffic. As the traffic from individual access networks grows, a wholesale service provider could also sign up additional access network providers.

Security Solution
As SIP-based network deployment grows, the need for a robust security solution will become a paramount issue for the service provider. SIP network security is based upon several leading technologies collaboratively working to keep potential attackers from harming the network: An edge proxy, a firewall control proxy, and a media-enabled firewall. Components of a comprehensive SIP security solution include:

Edge Proxy: An edge proxy serves as a network sentry, acting as the single point of contact for outside SIP signaling traffic and as the final egress point for exiting traffic. It provides authentication and authorization services through a TLS connection to ensure that only authorized SIP traffic enters and leaves the network. The edge proxy performs the important function of �hiding� the downstream proxies from the outside and is configured to forward all calls from trusted peers to the next internal hop.

Firewall Control Proxy: A firewall-control proxy works closely with the edge proxy and firewall to maintain network security and remain hidden from outside the network. The main function of the firewall control proxy is to dynamically open and close pinhole pairs in the firewall for each authorized media stream. The firewall control proxies also work closely with the firewall to perform Network Address Translation (NAT). The proxy remotely manages firewall policy and message routing. The failover and dynamic control capabilities of the firewall control proxies introduce resilience and reliability into a service provider network.

Media-Enabled Firewall: This component fronts the SIP network. It is a transparent, non-addressable VoIP firewall that prohibits access to all internal network elements except for the edge proxy. High-performance, carrier-class firewalls are capable of limiting incoming traffic to the edge proxy, ensuring outside traffic arrives via a persistent, secure TLS connection and ensuring only media traffic for authorized calls is permitted to enter the network.

Providing A Foundation For Growth
As we have seen, Microsoft�s recent rollout of a widely available, easy to use, and robust SIP client for Internet telephony presents immediate revenue opportunities to ITSPs whose networks meet the demands of this large-scale PC-to-phone service deployment. In building a SIP-based network to seize this opportunity, an ITSP must ensure that the network solution deployed will enable ongoing revenue opportunities beyond Messenger-to-phone service, by cost-effectively supporting capacity, application, and business model growth.

Deploying a SIP-based infrastructure as described in this article will help ensure a truly extensible network -- one that can be easily extended to support new revenue-ready solutions such as conferencing, unified messaging and calling card services. This enables a rapid return on investment for new services, as costs are shared across many applications and services. Just as IP networks provide application convergence at the transport layer, SIP networks enable service providers to deploy many SIP-based services over a common infrastructure.

Creating a deployment-ready solution -- a scaleable and reliable SIP foundation -- enables quick time-to-market for Messenger Termination service, while enabling a network infrastructure designed to deliver unlimited potential for profitability.

Erik Giesa is director of Product Management for F5 Networks, of Seattle, WA. F5 is a leading provider of integrated products and services that manage, control and optimize Internet traffic and content. For more information, visit www.f5.com.

Matt Lazaro is solutions manager for dynamicsoft Inc., of East Hanover, NJ. dynamicsoft is a leading provider of SIP solutions for communications networks. For more information, visit www.dynamicsoft.com.

[ Return To The February 2002 Table Of Contents ]