Results matching “sip”

What you need to know about Mitel's acquisition of Polycom

What's NewMitel plans to acquire Polycom in a deal valued at $1.96 billion; the acquisition is expected to close in the Q3 2016. In the world of unified communications, this is a very big deal because it gives the combined companies a stronger product portfolio, globally diversified sales channels, and a solid balance sheet at the new Mitel continues to battle Cisco and Microsoft for market share and mindshare.  The ProsFrom a sales perspective, the two companies have complementary strengths both in terms of installed base and sales channels:  Mitel has a strong sales presence in Europe, while Polycom has strong sales channels in the Asia Pacific region.  Mitel's customer research suggests strong opportunities for cross-selling of the two companies' portfolios.   The Mitel product portfolio holds a strong IP-telephony platform, mobile software and services and cloud services, adding to Polycom's strength in voice, video and content collaboration systems. Both companies have worked hard to integrate their platforms and systems with Microsoft's Lync and Skype for Business portfolios - an essential requirement for most enterprise collaboration-centric architectures.   The ConsOne of the potential downsides to the acquisition is how Polycom's retail customers and OEM partners would perceive the deal.  To counter this concern, Mitel will keep the brand and will operate Polycom as a division within Mitel since Polycom is a well-recognized brand. Mitel will also continue to fully support and evolve Polycom products - even if they are solution components provided by Mitel's competitors, according to Mitel CEO Rich McBee.  To assure Polycom's OEM partners, McBee said that Mitel fully understands that "to change everything, change terms, change look and feel . . .  is a recipe for disaster." Rather, he suggests that the Mitel will continue to "partner with the solutions that Polycom is providing to these OEMs. . . [and] enhance the capability with the broader technology portfolio."  Why this is importantFrom a competitive perspective, Mitel will continue to face Cisco and Microsoft as its two largest competitors.  Both of these giants outweigh Mitel by an order of magnitude when it comes to overall sales, and both competitors have a much larger networking / cloud / software product portfolio that Mitel doesn't.  But Mitel has something that Microsoft and Cisco don't have - a singular focus on providing real-time communications solutions that leverage premise, cloud, and mobile solutions.  This acquisition turns Mitel into a market-share leader with video systems and IP phones.  Mitel contends that the combined companies will hold leading global market positions including "number one in business cloud communication, number one in PBX extensions in Europe, number three in the Americas and number four globally," according to the company's statement.  It also touts that it will hold top share in conference phones and open SIP sets, taking the number two spot for video conferencing systems. The increased sales revenue allows Mitel and Polycom a larger pool of resources for R&D that will further enhance their product portfolios.  More importantly, the transaction allows Mitel to cut its net debt ratio by almost half, strengthening its balance sheet and opening the door to even more possible acquisitions.  Mitel has been bold in recent years with it Astra merger in 2014 and its Mavenir acquisition in 2015.  The combined Mitel portfolio of IP telephone platforms, phones, video systems, and cloud improve its position against all of its top competitors-  including Microsoft, Cisco, Avaya, and ShoreTel.  Mitel is clearly girded for a long term battle with each of these companies.  The next question:  What will Avaya and ShoreTel do to counter Mitel?  These competitors also depend almost exclusively on providing competitive real time communications solutions, and neither can afford to sit idly by as Mitel becomes an increasing threat.  Return to the original entry to comment....


What's New

Mitel plans to acquire Polycom in a deal valued at $1.96 billion; the acquisition is expected to close in the Q3 2016. In the world of unified communications, this is a very big deal because it gives the combined companies a stronger product portfolio, globally diversified sales channels, and a solid balance sheet at the new Mitel continues to battle Cisco and Microsoft for market share and mindshare. 
 
The Pros

  • From a sales perspective, the two companies have complementary strengths both in terms of installed base and sales channels:  Mitel has a strong sales presence in Europe, while Polycom has strong sales channels in the Asia Pacific region.  Mitel's customer research suggests strong opportunities for cross-selling of the two companies' portfolios.   

  • The Mitel product portfolio holds a strong IP-telephony platform, mobile software and services and cloud services, adding to Polycom's strength in voice, video and content collaboration systems. Both companies have worked hard to integrate their platforms and systems with Microsoft's Lync and Skype for Business portfolios - an essential requirement for most enterprise collaboration-centric architectures.   

The Cons

  • One of the potential downsides to the acquisition is how Polycom's retail customers and OEM partners would perceive the deal.  To counter this concern, Mitel will keep the brand and will operate Polycom as a division within Mitel since Polycom is a well-recognized brand. Mitel will also continue to fully support and evolve Polycom products - even if they are solution components provided by Mitel's competitors, according to Mitel CEO Rich McBee.  

  • To assure Polycom's OEM partners, McBee said that Mitel fully understands that "to change everything, change terms, change look and feel . . .  is a recipe for disaster." Rather, he suggests that the Mitel will continue to "partner with the solutions that Polycom is providing to these OEMs. . . [and] enhance the capability with the broader technology portfolio."  

Why this is important

From a competitive perspective, Mitel will continue to face Cisco and Microsoft as its two largest competitors.  Both of these giants outweigh Mitel by an order of magnitude when it comes to overall sales, and both competitors have a much larger networking / cloud / software product portfolio that Mitel doesn't.  But Mitel has something that Microsoft and Cisco don't have - a singular focus on providing real-time communications solutions that leverage premise, cloud, and mobile solutions.  

This acquisition turns Mitel into a market-share leader with video systems and IP phones.  Mitel contends that the combined companies will hold leading global market positions including "number one in business cloud communication, number one in PBX extensions in Europe, number three in the Americas and number four globally," according to the company's statement.  It also touts that it will hold top share in conference phones and open SIP sets, taking the number two spot for video conferencing systems. 

The increased sales revenue allows Mitel and Polycom a larger pool of resources for R&D that will further enhance their product portfolios.  More importantly, the transaction allows Mitel to cut its net debt ratio by almost half, strengthening its balance sheet and opening the door to even more possible acquisitions.  Mitel has been bold in recent years with it Astra merger in 2014 and its Mavenir acquisition in 2015.  

The combined Mitel portfolio of IP telephone platforms, phones, video systems, and cloud improve its position against all of its top competitors-  including Microsoft, Cisco, Avaya, and ShoreTel.  Mitel is clearly girded for a long term battle with each of these companies.  The next question:  What will Avaya and ShoreTel do to counter Mitel?  These competitors also depend almost exclusively on providing competitive real time communications solutions, and neither can afford to sit idly by as Mitel becomes an increasing threat.  

A little bit about The SIP School™

The SIP School™ is the web's leading SIP training service and its SSCA® certification is the only 'globally recognized' certification in industry today.  As well as SIP, students can also learn about VoIP and Video over IP and WebRTC.  There is even a program for Sales personnel. Many organizations endorse The SIP School including the TIA."The Telecommunications Industry Association (TIA), the leader in advocacy, standards development, business development and intelligence for the information and communications technology industry, has officially endorsed the The SIP School™ as the provider of choice for training and certification for Session Initiation Protocol (SIP)."Resources from The SIP School™...


The SIP School™ is the web's leading SIP training service and its SSCA® certification is the only 'globally recognized' certification in industry today.  As well as SIP, students can also learn about VoIP and Video over IP and WebRTC.  There is even a program for Sales personnel. Many organizations endorse The SIP School including the TIA.

"The Telecommunications Industry Association (TIA), the leader in advocacy, standards development, business development and intelligence for the information and communications technology industry, has officially endorsed the The SIP School™ as the provider of choice for training and certification for Session Initiation Protocol (SIP)."


SIP School Certified Associate (SSCA®) SIP Training

Becoming a 'SIP School Certified Associate' or SSCA® proves to the world that you both understand the protocol called SIP and can work in the ever evolving world of Voice over IP. The SSCA® is the single most important certification on SIP in the world today and we'd like to help you get certified.


Fighting IP Telephony Fraud with Oracle Enterprise Session Border Controllers

Oracle recently introduced a number of new Enterprise Session Border Controller (E-SBC) features to help businesses fight VoIP fraud. This case study reviews common IP telephony scams and explains how the new Oracle E-SBC capabilities, along with other security measures, can help network administrators combat service theft and mitigate risks.Telephony fraud poses a significant threat to both businesses and communications services providers. A 2015 Communications Fraud Control Association (CFCA) survey estimates global telecommunications fraud loss at $38.1 billion (USD) annually. A good chunk of that--about $3.5 billion--is attributed to corporate IP-PBX and unified communications system service theft.IP-PBXs and UC systems are vulnerable to a wide range of increasingly sophisticated attacks. Cybercriminals can leverage open source scanning tools to identify VoIP endpoints and systems with weak passwords, apply common Internet hacking techniques to gain access to IP communications systems, or exploit known vulnerabilities in specific vendor platforms or other voice network components to commit fraud.IP telephony scams can come in many forms, can originate from inside or outside the company, and can impact any business regardless of size or industry. In simple cases, hackers gain access to corporate voice networks to make free international calls. In more sophisticated attacks, cybercriminals concoct complicated schemes to reap real financial rewards. For example, scammers engage in hijacking schemes to generate illicit revenue as rogue service providers. They break into a corporate voice network and "resell" international minutes to other service providers or unsuspecting consumers. In a widely published Massachusetts case, cybercriminals hacked into a small-business phone system and made $900,000 in calls to Somalia. (The story made headlines when the service provider sued the business owner, who had refused payment.)Still other cyberthieves engage in traffic pumping schemes. They lease a premium telephone number in a foreign country (similar to a 900 number in the United States), hack into a corporate voice network and generate calls to that number. In many cases the criminals receive remuneration from the intermediate service provider before the victim even realizes its phone system has been compromised. In other versions of the scam, criminals collude with legitimate premium number owners, steering calls to them for a kickback.Combat Voice Over IP Fraud with New Oracle E-SBC CapabilitiesWebtorials readers are very familiar with the unique security challenges inherent in IP communications networks and the role enterprise session border controllers play in protecting premise-based systems from denial of service, address scanning, man-in-the-middle, and other attacks. Deployed at the edge of the enterprise network, Oracle Enterprise Session Border Controllers (E-SBCs) are ideally positioned to protect against IP telephony fraud as well. To that end, Oracle recently introduced a number of new features to help businesses proactively combat VoIP fraud and mitigate financial risks.Blacklisting and WhitelistingThe new Oracle E-SBC blacklist/whitelist capability lets you explicitly block outbound calls to specific phone numbers (or SIP URIs) or ranges of phone numbers. The combination of blacklisting and whitelisting enables a flexible strategy for thwarting both hijacking and traffic pumping schemes. Forbidden destinations are blacklisted. Exceptions are whitelisted. For example, the CFCA study lists Cuba, Somalia, Bosnia and Herzegovina, and Estonia and Latvia as the top destinations for fraudulent calls. You can blacklist all calls to those countries and whitelist exceptions, such as valid calls to a trusted software contractor based in Latvia. Blacklists/whitelists are easily configured via a graphical user interface or an XML file upload. Wildcards are supported to effortlessly block all calls to a specific country or SIP URI domain name. You can use the XML capability to easily import fraudulent number lists from a telephone fraud watchdog service.Call Rate LimitingThe new call rate limiting feature lets you restrict outbound call volumes to specific phone numbers (or SIP URIs) or ranges of phone numbers. It is useful for mitigating the effects of traffic pumping scams. Similar to blacklists/whitelists, call rate limits are defined via a GUI or XML file, with wildcard support for easy configuration. Call rate limiting enables a proactive fraud mitigation strategy. For example, you can allow unlimited calls/day to the United Kingdom but only one call/day to Estonia. The feature can also be used reactively. For example, you can throttle calls from certain sources or to certain destinations while analyzing and isolating a threat.Call RedirectionThe new call redirection feature lets you automatically transfer blocked calls to another destination, such as a media server, monitoring system, or recording system. For example in hijacking schemes, you can redirect the calling party to a media server that plays an announcement indicating the call cannot be completed as dialed. Alternatively, you may route the call through monitoring and/or recording systems to enable further analysis.Additional Tips for Protecting Your IP Communications InfrastructureThe latest Oracle E-SBC fraud protection capabilities help you proactively mitigate risks in the event a hacker gains access to your corporate voice network. These should be used in conjunction with other security measures to build a multi-layered approach to security. (Prevent hackers from gaining access to the network as a first line of defense. Contain hackers from doing harm as a second line of defense.)For ultimate protection:Deploy Oracle E-SBCs at Internet and SIP trunking service borders to protect premise-based IP networks against the widest range of external threats.Use strong passwords in SIP endpoints and UC clients to safeguard against unauthorized access from inside or outside the company.Place IP-PBX traffic on a distinct VLAN to protect against eavesdropping and internal perpetrators.Keep abreast of the latest security warnings and software patches for all your IP communications systems--PBXs, UC platforms, voicemail systems, etc.Regularly review call detail records for patterns of service theft.By deploying Oracle E-SBCs with telephony fraud protection capabilities in conjunction with other security systems and practices you can take full advantage of today's IP-based communications platforms while minimizing the risk of fraud, eavesdropping, denial of service, and other threats.Next StepsVisit the Oracle Enterprise Session Border Controller web page to learn how Oracle E-SBCs can help you combat IP telephony fraud and other security threats. Already an Oracle E-SBC customer? Update your E-SBC software today to enhance...


Oracle recently introduced a number of new Enterprise Session Border Controller (E-SBC) features to help businesses fight VoIP fraud. This case study reviews common IP telephony scams and explains how the new Oracle E-SBC capabilities, along with other security measures, can help network administrators combat service theft and mitigate risks.

Telephony fraud poses a significant threat to both businesses and communications services providers. A 2015 Communications Fraud Control Association (CFCA) survey estimates global telecommunications fraud loss at $38.1 billion (USD) annually. A good chunk of that--about $3.5 billion--is attributed to corporate IP-PBX and unified communications system service theft.

IP-PBXs and UC systems are vulnerable to a wide range of increasingly sophisticated attacks. Cybercriminals can leverage open source scanning tools to identify VoIP endpoints and systems with weak passwords, apply common Internet hacking techniques to gain access to IP communications systems, or exploit known vulnerabilities in specific vendor platforms or other voice network components to commit fraud.

IP telephony scams can come in many forms, can originate from inside or outside the company, and can impact any business regardless of size or industry. In simple cases, hackers gain access to corporate voice networks to make free international calls. In more sophisticated attacks, cybercriminals concoct complicated schemes to reap real financial rewards. For example, scammers engage in hijacking schemes to generate illicit revenue as rogue service providers. They break into a corporate voice network and "resell" international minutes to other service providers or unsuspecting consumers. In a widely published Massachusetts case, cybercriminals hacked into a small-business phone system and made $900,000 in calls to Somalia. (The story made headlines when the service provider sued the business owner, who had refused payment.)

Still other cyberthieves engage in traffic pumping schemes. They lease a premium telephone number in a foreign country (similar to a 900 number in the United States), hack into a corporate voice network and generate calls to that number. In many cases the criminals receive remuneration from the intermediate service provider before the victim even realizes its phone system has been compromised. In other versions of the scam, criminals collude with legitimate premium number owners, steering calls to them for a kickback.

Combat Voice Over IP Fraud with New Oracle E-SBC Capabilities

Webtorials readers are very familiar with the unique security challenges inherent in IP communications networks and the role enterprise session border controllers play in protecting premise-based systems from denial of service, address scanning, man-in-the-middle, and other attacks. Deployed at the edge of the enterprise network, Oracle Enterprise Session Border Controllers (E-SBCs) are ideally positioned to protect against IP telephony fraud as well. To that end, Oracle recently introduced a number of new features to help businesses proactively combat VoIP fraud and mitigate financial risks.

Blacklisting and Whitelisting

The new Oracle E-SBC blacklist/whitelist capability lets you explicitly block outbound calls to specific phone numbers (or SIP URIs) or ranges of phone numbers. The combination of blacklisting and whitelisting enables a flexible strategy for thwarting both hijacking and traffic pumping schemes. Forbidden destinations are blacklisted. Exceptions are whitelisted. For example, the CFCA study lists Cuba, Somalia, Bosnia and Herzegovina, and Estonia and Latvia as the top destinations for fraudulent calls. You can blacklist all calls to those countries and whitelist exceptions, such as valid calls to a trusted software contractor based in Latvia. Blacklists/whitelists are easily configured via a graphical user interface or an XML file upload. Wildcards are supported to effortlessly block all calls to a specific country or SIP URI domain name. You can use the XML capability to easily import fraudulent number lists from a telephone fraud watchdog service.

Call Rate Limiting

The new call rate limiting feature lets you restrict outbound call volumes to specific phone numbers (or SIP URIs) or ranges of phone numbers. It is useful for mitigating the effects of traffic pumping scams. Similar to blacklists/whitelists, call rate limits are defined via a GUI or XML file, with wildcard support for easy configuration. Call rate limiting enables a proactive fraud mitigation strategy. For example, you can allow unlimited calls/day to the United Kingdom but only one call/day to Estonia. The feature can also be used reactively. For example, you can throttle calls from certain sources or to certain destinations while analyzing and isolating a threat.

Call Redirection

The new call redirection feature lets you automatically transfer blocked calls to another destination, such as a media server, monitoring system, or recording system. For example in hijacking schemes, you can redirect the calling party to a media server that plays an announcement indicating the call cannot be completed as dialed. Alternatively, you may route the call through monitoring and/or recording systems to enable further analysis.

Additional Tips for Protecting Your IP Communications Infrastructure

The latest Oracle E-SBC fraud protection capabilities help you proactively mitigate risks in the event a hacker gains access to your corporate voice network. These should be used in conjunction with other security measures to build a multi-layered approach to security. (Prevent hackers from gaining access to the network as a first line of defense. Contain hackers from doing harm as a second line of defense.)

For ultimate protection:

  • Deploy Oracle E-SBCs at Internet and SIP trunking service borders to protect premise-based IP networks against the widest range of external threats.
  • Use strong passwords in SIP endpoints and UC clients to safeguard against unauthorized access from inside or outside the company.
  • Place IP-PBX traffic on a distinct VLAN to protect against eavesdropping and internal perpetrators.
  • Keep abreast of the latest security warnings and software patches for all your IP communications systems--PBXs, UC platforms, voicemail systems, etc.
  • Regularly review call detail records for patterns of service theft.

By deploying Oracle E-SBCs with telephony fraud protection capabilities in conjunction with other security systems and practices you can take full advantage of today's IP-based communications platforms while minimizing the risk of fraud, eavesdropping, denial of service, and other threats.

Next Steps

Visit the Oracle Enterprise Session Border Controller web page to learn how Oracle E-SBCs can help you combat IP telephony fraud and other security threats. Already an Oracle E-SBC customer? Update your E-SBC software today to enhance the security of your IP network.



Considering a Virtual SBC? Consider This.

Session Border Controllers (SBCs) are vital to the security and performance of any IP-based real time communications application - whether provided by a dedicated SBC appliance or in a virtual configuration.  As enterprise networks and communications service providers move to a virtualized SBC architectural model, they must assure that all the features supported in an appliance-based SBC work as well or better in a virtual model.   Network planners and architects must also factor in how SBC virtualization can affect security, performance, and scalability.  Why a virtual SBC? Businesses and network operators are moving to a virtual environment because it has the potential to reduce operational expenses by providing one common computing platform for many network and operational support applications and services.  By standardizing on fewer appliances in favor of a more versatile, server-based architecture, the IT staff has fewer kinds of devices to maintain and (hopefully) a common interface to manage multiple applications.  Virtual architectures also offer more elasticity to meet dynamic demand for the supported services because computing resources can be repurposed according to need.  Deploying a virtual SBC offers the same business benefits found with other virtualized network operations.  Moving SBC functionality to a virtual environment can also offer the same features as an appliance-based architecture, provided planners understand and execute on what is alike and what is different in the two approaches.   Don't compromise on SBC Basics Virtual SBCs need to incorporate all the standard features found in an appliance-based SBC, and network engineers need to select a virtual SBC that does not compromise critical functionality.  Whether appliance based or virtual, SBC features must include:  Security: Real time communications (RTC) apps, e.g. VoIP, require ongoing sessions with users outside the firewall, so the SBC provides a secure barrier to assure that outsiders can't see inside the internal network.  SBCs monitor and can help prevent denial of service attacks, and they can offer media and signaling encryption. Call routing: Because it participates in the control of the session-initiation-protocol (SIP) session, the SBC has a vital role in routing calls from external sources to internal users.  Policy management: Network load balancing, security, and subscriber preferences can be enforced based on organization policies and / or individual user profiles.SIP interoperability: Although SIP is a standard, interoperability is not assured because of variations in SIP deployments; the SBC acts as a gateway to assure smooth session control between SIP-controlled elements.   Transcoding: Voice and video encoding is supported by over a dozen different standards, and the SBC provides a gateway for RTC media that would otherwise be incompatible.  Acceptable session performance metrics:  SBC capacity is typically measured by the number of concurrent IP sessions if can support. Rigorous capacity planning is paramount in both the virtual network and appliance-based deployment. Scalability: Regardless of virtual or appliance-based deployments, SBCs need the ability to scale up (and down) to support a range of concurrent IP sessions, media transcoding, encryption, and performance management demands.  What's different about a virtual SBC?Theoretically, a virtual server and a purpose-built appliance should offer the same performance when delivering SBC features.  However, theory is not always reality and planners need to consider special factors in a virtual environment.  First, the software architecture in the virtual model is important to assuring equivalent performance.  For example, even though the appliance and the virtual server are both computing platforms, when converting to a virtual server, the SBC software may perform better when segmented.  When signaling, media, and transcoding functions operate separately; the architecture enables dedicated processing to each function, thereby facilitating the performance of each unique operation.  Second, the hardware platform selected can affect SBC performance.  The nature of RTC prescribes frequent interruptions, so a hardware platform should accommodate these interruptions in a way that does not compromise communications quality of service.  Some server platforms use hardware that may improve performance with some software packages; however, some software solutions can offer the same performance metrics regardless of the server platform. For example, depending on the platform, security performance might be improved when using a virtual server that incorporates hardware-based encryption / decryption chipsets rather than relying on the software for encryption.  IT planners should work with their suppliers to architect optimal software and hardware options.    Next, end-to-end management, also a requirement for appliance-based models, needs to offer horizontal scale and elasticity that could have greater demands in a virtual environment depending on the scale of devices and services within the incorporated virtual borders because each component needs to work well together.  Defining end-to-end service management responsibilities is very important when working together with a cloud service provider that has adopted an NFV infrastructure. For example, a service provider offering a cloud-based UC service that incorporates a virtual SBC could manage all the security and performance service elements, leaving the enterprise IT staff to manage its own user profiles. Fourth, a virtual environment requires "orchestration" to operate at peak efficiency. Orchestration enables automated service fulfillment throughout the network across multiple computing devices and domains.   As enterprises and operators move toward a cloud environment, orchestration can accommodate parameters such as load balancing and service provisioning, turning up network services as needs change. Orchestration tools are typically incorporated as a third-party tool as part of a full-scale cloud infrastructure architecture so interoperability testing with virtual SBC vendors is paramount to successful deployment.  Inherent in a fully orchestrated environment, IT planners also need to pre-provision hardware capacity so that any software features can be added with a single mouse-click.  ConclusionsThe decision to virtualize SBC features and services is likely to be part of a strategic decision to enable a broader virtual-service architecture in the enterprise or carrier's network infrastructure.  Fortunately, network managers don't need to compromise on any features inherent in appliance-based SBC solutions.  However, network planners do need to allow for special considerations when moving to a virtual SBC so that performance is on par with purpose-built SBC devices.  IT managers should work closely with both hardware and software providers when building a virtual solution to assure peak...


Session Border Controllers (SBCs) are vital to the security and performance of any IP-based real time communications application - whether provided by a dedicated SBC appliance or in a virtual configuration.  As enterprise networks and communications service providers move to a virtualized SBC architectural model, they must assure that all the features supported in an appliance-based SBC work as well or better in a virtual model.   Network planners and architects must also factor in how SBC virtualization can affect security, performance, and scalability.  

Why a virtual SBC? 

Businesses and network operators are moving to a virtual environment because it has the potential to reduce operational expenses by providing one common computing platform for many network and operational support applications and services.  By standardizing on fewer appliances in favor of a more versatile, server-based architecture, the IT staff has fewer kinds of devices to maintain and (hopefully) a common interface to manage multiple applications.  Virtual architectures also offer more elasticity to meet dynamic demand for the supported services because computing resources can be repurposed according to need.  

Deploying a virtual SBC offers the same business benefits found with other virtualized network operations.  Moving SBC functionality to a virtual environment can also offer the same features as an appliance-based architecture, provided planners understand and execute on what is alike and what is different in the two approaches.   

Don't compromise on SBC Basics 

Virtual SBCs need to incorporate all the standard features found in an appliance-based SBC, and network engineers need to select a virtual SBC that does not compromise critical functionality.  Whether appliance based or virtual, SBC features must include:  

  • Security: Real time communications (RTC) apps, e.g. VoIP, require ongoing sessions with users outside the firewall, so the SBC provides a secure barrier to assure that outsiders can't see inside the internal network.  SBCs monitor and can help prevent denial of service attacks, and they can offer media and signaling encryption. 
  • Call routing: Because it participates in the control of the session-initiation-protocol (SIP) session, the SBC has a vital role in routing calls from external sources to internal users.  
  • Policy management: Network load balancing, security, and subscriber preferences can be enforced based on organization policies and / or individual user profiles.
  • SIP interoperability: Although SIP is a standard, interoperability is not assured because of variations in SIP deployments; the SBC acts as a gateway to assure smooth session control between SIP-controlled elements.   
  • Transcoding: Voice and video encoding is supported by over a dozen different standards, and the SBC provides a gateway for RTC media that would otherwise be incompatible.  
  • Acceptable session performance metrics:  SBC capacity is typically measured by the number of concurrent IP sessions if can support. Rigorous capacity planning is paramount in both the virtual network and appliance-based deployment. 
  • Scalability: Regardless of virtual or appliance-based deployments, SBCs need the ability to scale up (and down) to support a range of concurrent IP sessions, media transcoding, encryption, and performance management demands.  

What's different about a virtual SBC?

Theoretically, a virtual server and a purpose-built appliance should offer the same performance when delivering SBC features.  However, theory is not always reality and planners need to consider special factors in a virtual environment.  

First, the software architecture in the virtual model is important to assuring equivalent performance.  For example, even though the appliance and the virtual server are both computing platforms, when converting to a virtual server, the SBC software may perform better when segmented.  When signaling, media, and transcoding functions operate separately; the architecture enables dedicated processing to each function, thereby facilitating the performance of each unique operation.  

Second, the hardware platform selected can affect SBC performance.  The nature of RTC prescribes frequent interruptions, so a hardware platform should accommodate these interruptions in a way that does not compromise communications quality of service.  Some server platforms use hardware that may improve performance with some software packages; however, some software solutions can offer the same performance metrics regardless of the server platform. For example, depending on the platform, security performance might be improved when using a virtual server that incorporates hardware-based encryption / decryption chipsets rather than relying on the software for encryption.  IT planners should work with their suppliers to architect optimal software and hardware options.    

Next, end-to-end management, also a requirement for appliance-based models, needs to offer horizontal scale and elasticity that could have greater demands in a virtual environment depending on the scale of devices and services within the incorporated virtual borders because each component needs to work well together.  Defining end-to-end service management responsibilities is very important when working together with a cloud service provider that has adopted an NFV infrastructure. For example, a service provider offering a cloud-based UC service that incorporates a virtual SBC could manage all the security and performance service elements, leaving the enterprise IT staff to manage its own user profiles. 

Fourth, a virtual environment requires "orchestration" to operate at peak efficiency. Orchestration enables automated service fulfillment throughout the network across multiple computing devices and domains.   As enterprises and operators move toward a cloud environment, orchestration can accommodate parameters such as load balancing and service provisioning, turning up network services as needs change. Orchestration tools are typically incorporated as a third-party tool as part of a full-scale cloud infrastructure architecture so interoperability testing with virtual SBC vendors is paramount to successful deployment.  Inherent in a fully orchestrated environment, IT planners also need to pre-provision hardware capacity so that any software features can be added with a single mouse-click.  

Conclusions

The decision to virtualize SBC features and services is likely to be part of a strategic decision to enable a broader virtual-service architecture in the enterprise or carrier's network infrastructure.  Fortunately, network managers don't need to compromise on any features inherent in appliance-based SBC solutions.  However, network planners do need to allow for special considerations when moving to a virtual SBC so that performance is on par with purpose-built SBC devices.  IT managers should work closely with both hardware and software providers when building a virtual solution to assure peak network performance balanced with easy-to-use network management and operational tools.  


SIP Survey 2015 Finds the Good and the Bad with SIP Trunking

The SIP Survey 2015, sponsored by The SIP School™, found that businesses around the world are migrating to SIP trunking and while most experiences are good, some are not.


News and Analysis: BroadSoft launches new UC-One cloud offer and service enhancements


Why SBCs are Essential with Skype for Business

This note discusses why a session border controller (SBC) is essential to evolving UC deployments, with a focus on why an SBC is especially important when deploying Skype for Business.


WebRTC: Off and Running

Webtorials has just completed the data collection phase for the 2015 WebRTC State-of-the-Market report, and we have found that IT managers are notably more familiar with WebRTC this year than last.


Diameter: Solving LTE Session Control

LTE's faster mobile broadband speeds, the explosion of smart phones and the number of concurrent data sessions running across LTE presents a significant network management challenge: fortunately, tools such as diameter are available to address it.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Continuing past this point indicates your acceptance of our terms of use as specified at Terms of Use.

Webtorial® is a registered servicemark of Distributed Networking Associates. The Webtorial logo is a servicemark of Distributed Networking Associates. Copyright 1999-2018, Distributed Networking Associates, Inc.