Start with the right platform. OpenScape SBC is a next generation session
border controller that enables OpenScape SIP-based communication and
applications to be securely extended beyond the boundaries of an enterprise
network.
OpenScape Session Border Controller (SBC) was developed as a component of the award-winning OpenScape solution portfolio to enable VoIP networks to extend SIP-based communication and applications beyond the enterprise network boundaries.
OpenScape SBC provides three key functions:
• Secure termination of SIP-based trunking from a service provider
• Secure voice and video communications for remote workers
• Connection to remote branch offices as part of a distributed OpenScape Voice deployment
Unlike traditional data firewall solutions, OpenScape SBC is specifically designed to provide VoIP traffic security. It terminates a SIP session on the WAN side of the OpenScape SBC outside of the enterprise voice network, ensures the traffic is originating from an authorized source, inspects the SIP and media packets for protocol violations or irregularities.
Only when the traffic is deemed valid, it is passed on to the enterprise voice LAN on the core-side of the SBC. OpenScape SBC dynamically opens and closes firewall “pin holes” for RTP and SRTP media connections.
OpenScape SBC performs the necessary interoperability, security, management, and control capabilities to support SIP trunking applications. It also supports the SIP endpoint registration services that are necessary to support remote user and remote branch office applications. It performs SIP deep-packet inspection specifically tailored for the OpenScape Voice environment that is necessary to provide proper mediation between IP networks, such as the mapping of IP addresses within SIP signaling and RTP/SRTP media packets that allows for Network Address Translation (NAT) traversal. Media anchoring can be configured to the extent required by media control policies (for example, for NAT traversal), or set to allow direct media connections between clients that are in the same subnet or media realm.
OpenScape SBC enhances customer-network security by providing SIP-aware security functionality including dynamic RTP/SRTP pin-holing through its internal firewall, stateful SIP protocol validation, DoS/DDoS mitigation, and network topology hiding. It also supports TLS encryption on core- and access-side SIP signaling interfaces as well as SRTP media encryption on a termination/mediation or passthrough basis.
OpenScape SBC facilitates SIP trunk interfaces to SIP Service Providers (SSPs) for OpenScape Voice and OpenScape 4000 systems, connection to remote user SIP phones and mobile clients for OpenScape Voice systems, for example, for home workers accessing an OpenScape Voice system over an Internet connection, and for connection of OpenScape Branch systems operating in Proxy, SBC-Proxy, and Branch-SBC mode serving remote branch locations to an OpenScape Voice system.
OpenScape SBC is fully manageable via the same Common Management Platform (CMP) that is used to manage other network elements in the OpenScape Enterprise solution. When used with OpenScape 4000, OpenScape SBC is managed via its local management interface.
Source: unify.com
