The Enterprise Session Border Controller - More Than Just a SIP Trunk Solution


The Enterprise Session Border Controller - More Than Just a SIP Trunk Solution

By Paula Bernier, Executive Editor, IP Communications Magazines  |  January 01, 2011

This article originally appeared in the January 2011 issue of INTERNET TELEPHONY Magazine.

Session border controllers made their name by acting as gatekeepers at connection points between different service providers’ networks. They’re still commonly used for this application, but SBCs also increasingly are making an appearance at business customer sites to enable service providers to control SIP traffic. And E-SBCs, as this second group of solutions is known, could be used by service providers to support other business applications – namely, videoconferencing – as well, says Steven Johnson, president of Ingate Systems.

Ingate is sponsoring an ITEXPO (News - Alert) pre-conference event on Feb. 1 in Miami to educate service providers about how they can leverage E-SBC solutions to support SIP trunking as well as expand their market penetration and revenue opportunities by offering services tied to other applications such as videoconferencing.

Of course, the current reason service providers are investing in and deploying E-SBCs from such companies as Acme Packet, AudioCodes, Cisco Systems, Edgewater Networks (News - Alert) Inc., Ingate, Juniper Networks and Sipera is to support interoperability between various vendors’ PBX solutions and SIP trunks. Indeed, Ingate has several service providers using its SIParator E-SBCs to do just that. In fact, Johnson says that Ingate recently won E-SBC business from a major cable TV company, which plans to use the devices at the edge of its business customers’ networks to normalize signals between user PBXs and the network operators’ SIP trunks. The Ingate E-SBC has been certified to work with about 30 PBXs, or about 90 percent, of the private branch exchanges on the market.

As Johnson previously wrote in his Ask the SIP Expert column in INTERNET TELEPHONY an  E-SBC will normalize the SIP signaling so that the IP PBX at the customer site and the service provider’s network are fully compatible. Normalization of the SIP signaling allows service providers to support more IP PBXs, or those IP PBXs that are not yet certified by the ITSP to expand its business without the need for extensive interoperability certification with each IP PBX. An E-SBC also can be used to resolve NAT traversal issues to enable the adoption of SIP, SIP trunking and full unified communications by securely permitting SIP signaling and related media to traverse the firewall. Without this function, most companies will have one-way audio only. E-SBC solutions also provide security through deep packet inspection, which can be effective against buffer overflow attacks, denial of service attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet.

E-SBCs also offer control through authentication. Many service providers require authentication of the user with their network, explains Johnson, but some IP PBXs do not support this function. This technology also enables disaster recovery in the event a customer’s main office goes down. In such a scenario, the E-SBC can reroute SIP traffic to a secondary office to keep business up and running.

Enterprise session border controllers also deliver quality of service by ensuring that mission-critical voice calls have priority over other Internet traffic, and that call quality remains high; provide encryption for maximum privacy even over the public Internet; and offer intrusion detection/prevention, which enables the E-SBC to detect DoS attacks based on SIP, and to block malicious SIP signaling packets designed to attack certain SIP phones, servers or other devices on the enterprise LAN. This secures the enterprise network as the E-SBC handles the attacks while the servers and other SIP devices in the network can still be used.

That’s a lot of functionality, but there’s even more that E-SBCs can do. As noted above, they also have great potential to enable service providers to deliver new services to support videoconferencing, says Johnson, noting that there’s a great deal of excitement about video to the desktop and that many people see video to the desktop as the next step on the path to unified communications.

The service providers that Ingate is talking to are thinking about video, he adds, but it’s a completely different solution than what they delivering relative to SIP trunking. That said, the question is how these service providers can participate in delivering video services to customers and, in the process, avoid becoming commodity pipe providers in this environment. The answer, according to Johnson, is by leveraging E-SBC technology, which can differentiate between SIP trunking traffic and video traffic. He says the Ingate E-SBC can identify and deliver SIP trunking traffic where it needs to go, and can handle video as if it were a data stream going through the service provider’s cloud to another video endpoint. Not only that, but it would be able to create call detail records that would allow the service provider to treat and bill for video as an enhanced service.

While Ingate was unable to name any service provider customers that are using its E-SBC for this videoconferencing application during INTERNET TELEPHONY’s interview with Johnson in late November, he said that the company has been shopping this idea to its service provider contacts and has received some positive feedback.

To hear more about the video application for E-SBCs, as well as how Telia of Sweden and various other service providers are using enterprise session border controller technology today, join Ingate and TMC (News - Alert) next month for the Feb. 1 pre-show event noted above; for ITEXPO Feb. 2 through 4; and for the SIP Trunk-UC Summit collocated with ITEXPO Feb. 2 through 4 in Miami.

Ingate E-SBC Solutions Address Various Needs

Ingate Systems (News - Alert) Inc. in the fall took the wraps off three new mid-range SIParator enterprise session border controllers and introduced a new top-end E-SBC SIParator solution.

The mid-range models address applications that require support for 50 to 800 simultaneous calls.

The top-end SIParator solution, meanwhile, can handle up to 3,000 simultaneous calls. Johnson explains that its precursor topped out at 1,800.

Ingate got its start in 2001 with the introduction of a SIP-aware firewall. It came out with the SIParator a year later. Although the product wasn’t initially referred to as a session border controller, as that term emerged later on, Johnson says Ingate knew that if unified communications was ever going to be available to enterprise, there would be a need for such a function, because most firewalls don’t support SIP, at least not in a robust way.

Today, he says, Ingate is leading the E-SBC market player in terms of price and performance.

The company is also involved in work related to interoperability in SIP trunking. Specifically, it was key player in the SIP Forum’s (News - Alert) work around SIPconnect, which specifies a reference architecture for SIP trunking, narrowing implementation rules and guidelines around such implementations. That enables SIP trunking solutions to more easily be put in place to eliminate gateways and extend VoIP benefits, offer optimized quality of service, and provide security for applications.

SIPconnect 1.1, which was expected to be finalized by the end of 2010, aims to strengthen must vs. should implementations, offer call transfer expansion, address implicit vs. explicit register issues, and UM issues for 2.0.

Edited by Stefania Viscusi


Sign up for our free weekly Internet Telephony Newsletter!

Get the latest expert news, reviews & resources. Tailored specifically for VoIP and IP Communications.