Success Stories & Articles

 
 
eSBCs: Required for Secure, Interoperable Real Time Unified Communications

By Biju (Brad) Oommen

Originally published in
Communications Applications News
Biju Oommen
Biju Oommen
Network Architect

In the Digital Age, as a part of the digital transformation for unified communications (UC), organizations worldwide are retiring legacy ISDN/TDM primary rate interface (PRI) voice systems. They are replacing it with Session Initiation Protocol (SIP) based voice and real-time-communications (RTC) services.

Whether you are an Over the Top (OTT) provider of SIP trunking or an Internet Telephony Service Provider (ITSP)—or even a subscriber— the enterprise session border controller (eSBC) is a multi-function platform that can provide valuable services for SIP interconnections (real-time communications). The acronym SBC breaks down as follows:

  • Session refers to the RTC session between two endpoints.
  • Border refers to the crossing point between two networks with disparate trust levels: e.g. your enterprise network and the service-provider network.
  • Controller refers to the ability of the platform to control the signaling and media sessions flowing through it.

So, at a minimum, the eSBC should provide session control and interoperability in a secure manner for the SIP interconnections between the various entities. Additionally, as a multifunction platform, an eSBC can provide such valuable services as transcoding, call admission control (CAC), encryption and authentication for secure connections to the SIP trunks, as well as network topology hiding.

While controlling the signaling and media streams, an eSBC can provide SIP mediation services, i.e. protocol normalization between the various SIP variants while normalizing and translating among the different media types. The eSBC also serve as a demarcation point between the carrier network and the subscriber network.

We summarily reviewed the features of the eSBCs from the Patton SmartNode VoIP family of appliances. We wanted to prove they deliver network security, assured voice quality and integration with legacy voice systems for SIP trunk deployments, while also keeping an eye on the total cost of ownership (TCO).

Given the continued dominant role of SIP in real-time communications, Patton’s eSBCs are well placed to serve it.

For our discussion and functional testing we will consider the Patton SmartNode 5570 VoIP eSBC Enterprise Session Border Controller + Router platform. It broadly offers features such as: 30 simultaneous calls [G.722, T.38 or G.711 ISDN to VoIP calls…includes support for SIP TLS and SRTP support], 16 SIP-to-SIP transcoded calls (e.g. G711 to G722 or RTP to SRTP), SIP Registrar function, access link ,access redundancy [using the USB port and 3G/4G modems for cellular connectivity], Ethernet Layer 2 switching and bridging, access router with NAT, Policy Based Routing, Stateful Firewall, PPPoE, DHCP, DynDNS etc.

For VoIP it supports: SIPv2, SIPv2 over TLS, ISDN, DSS1, NI-2, QSIG, T.38, G.722 HD voice, RTP Security with SRTP, fax and modem bypass, DTMF relay. SIP to SIP transcoding for up to 15 calls and with non-transcoding sessions up to 512 calls [Transcoding, debugging, and/or IP routing reduce processing capacity]. The Session Router allows flexible call routing and numbering plan adaptations, CLIP/CLIR, hold, transfer, etc. The chassis is equipped with 2 auto MDI-X 10/100/1000 Ethernet ports, 1 or 2 ISDN E1/T1 PRI ports and a USB port.

Significantly, the T1/E1 interfaces on the SN5570 unit could lend a helping hand if you want to deploy SIP trunking while there is still a major requirement for retaining legacy TDM PBX systems or let us say hybrid deployments. Many enterprises need or want a mixture of SIP trunks integrated with connectivity to the PSTN via TDM trunks. Patton’s SN5570 supports the old PRIs and the new SIP trunks on the same platform. As such, the SN5570 could also aid you in your business continuity posture for PSTN fallback. Or it could provide connection to your ISDN PRI PBX interface. The ports can be configured as TE or NT.

To aid in the provisioning and management of the unit, the device offers such features as Web-based management, Patton’s Web Wizard configuration tool, SNMPv3, CLI interface, and secure provisioning for configuration and software upgrades.

Having summarily reviewed the features of the Patton SmartNode 5570 VoIP eSBC, we will continue with our functional and operational testing...

application drawing of test setup
Figure 1: Operational Test Setup for the
SN5570 VoIP eSBC Enterprise Session Border Controller + Router


Operational Testing

For our testing we used the Patton SmartNode 5570 VoIP eSBC along with the following SIP endpoints (multivendor SIP entities):

  • 3CX softphone running on MS Windows 10
  • Smartphones equipped with 3CX VoIP client for Apple iOS and Zoiper for Apple iOS for VoIP over Wi-F
  • The Patton SIP-based M-ATA equipped with a FXS interface to test analog phone connectivity and a SIP trunk.
Our first task was to identify the network topology (see Figure 1). Then we set about creating the configuration files for the SN5570 and the SIP endpoints. Before testing, we registered the SIP end points directly with the SIP trunk provider (without the SN 5570) to validate that the SIP trunk was working satisfactorily for both inbound/outbound calls. We updated the SN5570 to Patton’s latest software release: Trinity 3.11.1-17042. Then we configured the SN5570 with the appropriate codecs (g729, g711ulaw, g711alaw), outbound registration SIP server, SIP VoIP Connection with protocols UDP and TCP (ports 5060 and 5062), and location service.

We ensured that the telnet server, SSH-server, Web server, DNS server and relay DNS Client services, NTP (with the correct clock offset) were running. The SIP clients and the M-ATA were configured with: SIP credentials, codecs, and SIP port, and then we pointed them to the SN5570. The SIP clients running in MS Windows 10 and the smartphones as well as the M-ATA registered successfully with the SN5570. Debug on the SIP phone showed that the phone connected to the SN5570 using SIP port 5060.

We were able to successfully place inbound/outbound calls from the various above mentioned SIP end points through the SN5570.


Conclusion


Moving to SIP-based voice RTC services can lead to reduced costs, reliability, scalability, etc., and that is where the eSBC can ensure interoperability, and provide session control/session management and security between the carrier SIP trunks and your enterprise communication platforms. It is important to carry out a pilot deployment for certification and interoperability before an actual roll out. 


Author

Brad (Biju) Oommen is a network architect and principal consultant. His work revolves around multi-vendor product and technology integration. It spans the domains of IP Telephony, Multi-media Contact Center, VoIP-H.323/SIP, SDH, EoS, WiFi/VoWiFi, SSL VPN, application acceleration, email and network security, SEM, SAN, IP networks, Fiber, and Microwave communications. He can be contacted at bijuoommenzurich@yahoo.com or bijuoommentoronto@yahoo.ca


Editor

W. Glendon Flowers is Product Marketing Manager at Patton Electronics Co. Patton (www.patton.com) is a US manufacturer of eSBCs for the SMB market as well as Ethernet Extenders, VoIP Gateways, VoIP IADs, VoIP Appliances and other networking equipment.

 
 
Sales: sales@patton.com / +1 301 975 1000
Support: support@patton.com / +1 301 975 1007
Join Our Email List
Have Us Contact You
or
Login Connect With Us
Twitter Linkedin Facebook Youtube
 
     Patton LLC Copyright © 2022 All Rights Reserved.

|  Sitemap  |   Legal  |   Privacy Policy  |   Disclaimer  |    Twitter  Facebook  YouTube  LinkedIn  RSS