All-IP Session Border Controllers
SmartNode SN11000 Carrier Class High Availability SBC supporting up to 35,000 SIP Sessions



This high-capacity SBC Appliance is suitable for all SBC use-cases including Carrier Interconnect, Call Center, VoLTE/VoWiFi, UCaaS, MS-Teams Direct Routing, Service Provider WebVoice and/or STIR/SHAKEN scenarios.


Overview

Patton’s SmartNode 11000 is a carrier-grade session border controller appliance designed for Service Providers, Telecom Operators and UCaaS Providers delivering cutting edge IP services.

 

Software upgradeable from 500 to 35000 sessions, the SN11000 is the most cost-effective session border controller for service providers currently available on the market.  Software Codecs enable license-based transcoding of up to 3000 transcoded sessions without expensive DSP resources required.

 

This fully featured, all-in-one Session Border Controller appliance can be deployed across a wide variety of use-cases and networks including Access or Interconnects, deployed in NGN or IMS networks, for Enterprise, Retail or Wholesale Service Providers.  Rich features, reliable performance plus deep analytics and diagnostics tools are built into the SBC, giving you more control over your SLAs.

 

A powerful & programmable Policy Engine ensures interworking & interoperability.   A Building-Blocks based Service Management framework facilitates rapid building of new services delivering short time-to-market for rolling out new features to customers.  The platform addresses all aspects of SIP based voice requirements and offers an easy-to use web portal for managing the daily operation.   A rich set of APIs enables easy integration with OSS and BSS systems.   

 

The Patton SN11000 is the ideal choice for Enterprise SIP trunking services, Unified Communications as a Service (UCaaS), Microsoft Teams Direct Routing, Voice Wholesale, International Gateways, Domestic Interconnect Exchanges, Clearing Houses, IMS networks for VoLTE, and VoWiFi, for TDM to IP conversion, and many more.

 

These functions are built on top of a wide range of platform functions Policy Engine, Service Analytics, Diagnostic tools, and a Border Control function that secures service provider networks against security threats and attacks.

 

Security is the prime function of a Session Border Controller.  Attacks to a VoIP  network  can happen anywhere  from the underlying network, transport protocols, VoIP devices, applications, underlying operating systems,  and  more.  The security infrastructure of the SN11000 ensures that system resources are always available for traffic from legitimate sources while blocking and mitigating attacks from rogue sources. Security features are built into each layer to thwart threats and protect against attacks. A Service Aware Firewall runs on specialized & dedicated network processes that provides protection against L3/L4 attacks.   A SIP Application Gateway screens the traffic for malformed or malicious SIP messages. Features like TLS can be used for enhanced protection of SIP signaling. There are protection mechanisms in place to detect Media delays and inactivity, and the ability to encrypt Media packets with SRTP. The Session Layer provides mechanisms like topology hiding, and Call Admission Control to ensure controlled traffic flow to the SBC and has means to dynamically blacklist interconnects. 

 

Providers of wholesale voice, IPX, Interconnect carrier, and ITSP services face several challenges such as lack of visibility, adapting to changes in the network and traffic, predictability, and consistency in delivering real time voice, video, and multimedia services over IP networks.  The SN11000 offers Analytics and QoS features providing the necessary functionality and tools to address the issues prevalent in IP networks.  Service Analytics delivers rich insights into both the Operations and Business aspects of deployments including deep data analysis on signaling and media packets. It also provides comprehensive reporting to help the customers get complete visibility of their network and service.

 

The Analytics engine provides 360-degree real time insights into all aspects of the service and network, Proactive SLA monitoring and alerting, Intelligent session steering (self-healing) and SLA enforcements, Trending and service consistency measurement, QoS and QoE dashboards Carrier-grade performance and scale. 

 

Pairs of SBCs can be deployed as a single SBC with active and standby whereby synchronization links between the two units to keep the call / application state always synchronized. This allows for call continuity in the event of a single SBC failure, where the standby unit seamlessly takes over all the calls along with media.   From the management perspective, the CMS (described in the next section) looks at these two instances as a single SBC node and is often the arbitrator (when needed) to establish who would be the master (to avoid split-brain scenarios).  Link level redundancy is ensured by connecting the primary and secondary units to layer 2/3 switches that have VRRP running. A firewall is present in the topology for management and other API access to the platform, while the SBC acts as a voice-firewall by itself. Redundancy is also recommended for the routers that connect the platform to the IP Transport core. The SLAs that make up for high availability and resilience is achieved by ensuring enough redundancy is provisioned at the node and network level.



Applications

The SN11K Series is a triple threat offering Carrier Interconnect, Access, and Enterprise SBC Services in a single appliance.

Comprehensive features enable the SN11K SBC to deliver services across a wide range of use-cases and domains, such as Enterprise SIP Trunking, Unified Communications as a Service (UCaaS), Service Provider and Enterprise based Microsoft Teams Direct Routing, Voice Wholesale, International Gateways, Domestic Interconnect Exchanges, Clearing Houses, IMS networks for VoLTE (and VoWiFi), NGN networks for TDM to IP conversion, and many more.







In this Teams Use-Case, the SN11K SBC is in the Service Provider Network delivering SIP based PSTN connectivity to Team and Cloud PBX Users. The SBC provides Direct Routing to the PSTN and Call Routing between Team and the Cloud PBX.

This solution offers and seamless experience between Teams and PBX users, by registering to the PBX on behalf of the Teams client. The enables extension dialing, feature codes, multiple device ringing and call transfers between the different systems. Teams is no longer a single point of failure.

Multi-tenancy is support so the Service Provider can deliver each subscriber SIP trunking using partition feature sets.



Features
  • A Carrier-Class Inter-Connect SBC - Can be deployed for Voice Wholesale, International Gateways, Domestic Interconnect Exchanges, Clearing Houses, IMS networks for RCS/VoLTE, VoWiFi and/or NGN networks for TDM to IP conversion for SIP-based Class 4 voice requirements.
  • A Powerful Access SBC - Delivers Enterprise SIP trunking services and Unified Communications as a Service (UCaaS) for Providers and Enterprises using Microsoft Teams Direct Routing. Built on a powerful platform delivering a Policy Engine, rich Service Analytics, robust and intuitive Diagnostic tools.
  • Superior Security and Privacy Protection - Protects against attack to network, transport protocols, VoIP devices, applications, underlying operating systems. Security features are operational at every layer to remove threats and prevent attacks. Protection regimes ensure that system resources are always available for traffic from legitimate sources while blocking or mitigating attacks from any rogue sources.
  • Integrated Fraud Management - Combats Caller ID Spoofing and prevents Robocalls and call SPAM using STIR/SHAKEN. Not just header support, but a full suite of protocols and procedures applied at interconnect points with Verification steps and Service Management framework.
  • Network Layer Security - A converged voice and data service-aware firewall with ACLs and L3, L4 protection, packet rate policing mitigating DoS attacks and dynamic pinholes for RTP flows.
  • Signaling Layer Application Gateway Security - Screens the traffic for malformed or malicious SIP messages. Enhanced TLS for protection of SIP signaling.
  • Media Layer Security - Protection mechanisms detect Media delays and inactivity and encrypt Media packets with SRTP.
  • Session Layer Security - B2BUA provides topology hiding. Call Admission Control ensures controlled traffic flow. Allows sessions only from configured IP address and subnets. Machine Learning fraud detection dynamically blacklists specious interconnects.
  • Management Layer Security - Management access is secured using TLS (HTTPS) with self-signed certificates. Advanced role-based user authentication and management includes user action audit capabilities.
  • All Use-Case Support - All Carrier and Enterprise large scale SBC use cases are supported including Call Center, Interconnect, VoLTE/VoWiFi, UCaaS, MS-Teams Direct Routing, Service Provider WebVoice and/or STIR/SHAKEN.
  • Making Network Operation Easy - By using exhaustive diagnostic tools, analytics, Signaling Adaptation Framework (for SIP header/message & call flow repair), optimized packet processing using DPDK and a distributed control and media plane architecture.
  • Management & Orchestration - A centralized manager and a multi-tenant feature set delivers configuration, provisioning, element management service management and analytics delivering unprecedented visibility into operations and services. Fully HTTP / REST API enabled. A CMS performs Element Management, Analytics server, and stores Billing Data.
  • Integrated Analytics - Analytics and QoS features provide tools for network and service management offering rich granular insights. Deep data analysis on signaling and media packets plus comprehensive reporting delivers complete visibility of the network and services.
  • SLA Monitoring, Alerting and Alarming - Unmatched and proactive SLA monitoring, alerting, intelligent session steering (self-healing) and SLA enforcement. QoS and QoE dashboards provide real-time and trending visibility into Media QoE, R-factor, and MOS scores.
  • Standard and Customizable Reports - Security threats and mitigation reports – near real-time and trending. System and application performance reports, Network traffic in and out – packet types, rates, counts, Session KPIs (ITU and I3), SLA monitoring & reporting, Business intelligence tools built-in for custom reporting / business/ operational insights.
  • Media Latching, Far-end NAT Handling - Supports handling of far-end NAT and allows different methods of keeping NAT pinholes open. Supports both Media Anchoring & Media Bypass. Media traversal through NAT is done through media latching settings individually configurable for interconnects on each media profile – where the SBC latches on to the media IP on the first media packet.
  • Transcoding & Interworking - Supports transcoding between various narrow band and wide band audio codecs. Different DTMF modes are supported and the interworking between them (In-band, RFC 2833, SIP INFO). T.38 standard Fax, Interworking between different transports (TCP/UDP/TLS), SRTP - RTP interworking are all supported. Different trigger points can be used to control when and how transcoding should be applied.
  • SIP Header Normalization - A flexible and efficient Signaling Adaptation framework enables SIP message (Header manipulation) and call flow repair when working with different SIP dialects. Supports powerful Regular Expression matches and an intuitive rule-based framework for efficient SIP Header Manipulation
  • Call Admission Control, Normalization & Routing - Correlated and analyzed QOS data is incorporated into policy-based routing decisions. For each session setup, the system queries the policy engine for the associated QoS policy. The SLA parameters are evaluated, and the QoS policy filters, prunes, re-orders and distributes the sessions to meet the SLAs.
  • Diameter Signaling - Provides authentication, authorization, and accounting (AAA) messaging services for network access and data mobility applications in 3G, IP Multimedia Systems (IMS), and LTE/4G networks. Attribute-Value-Pair (AVP) is used to encapsulate protocol-specific data, such as routing information, as well as AAA information. Diameter RO and Diameter RX service licenses are purchased separately.
  • Transparency Profiles - Flexible on-the fly definition of transparency profiles can be applied on a per-interconnect basis and global level. There is an option to define standard and custom headers to transparently pass through the boundaries of the network. Content Transparency is achieved using message body customization and transparency profiles. You have flexibility to define the pass through of different content type according to interconnect agreements. Content Transparency is achieved using message body customization and transparency profiles. This allows you to define the pass through of different content types as per interconnect agreements.
  • Dynamic Blacklisting & ACLs - Application aware Access Control mechanisms of the SBC blocks unauthorized sources from accessing the system services. The traffic is inspected at network, transport and application layers using a set of rules to detect any malicious or malformed packets. This along with fine grained traffic control helps prevent denial of service attacks. TLS and IPsec features provide confidentiality and integrity for the SIP sessions. Secure real-time protocol (SRTP) encrypts the voice payload within the RTP. These services may be enabled on a per customer basis. Setting of thresholds for certain parameters can be used to dynamically blacklist rogue trunks.
  • High Availability - Multiple units can be installed as Active and Standby. Synchronization links between the two units keep the call / application state always synchronized. This enables call continuity in the event of a single SBC failure, where the standby unit seamlessly takes over all the calls along with media.
  • Easy OSS/BSS AND UCaaS Integration - Simple and fast integration with customers’ existing routing and billing platforms as well as UCaaS Apps and software. Can be provided with several already integrated routing and billing platforms. API & Northbound Interfaces.
 
Ordering
# Model # Description Availability
1 SVC-WTE-11000/2500B SN11000/2500B 1-Year Maintenance, Support and Enhanced Warranty (Mandatory) Pre-Order Available
2 SVC-WTE-11000/500B SN11000/500B 1-Year Maintenance, Support and Enhanced Warranty (Mandatory) Pre-Order Available
HARDWARE
3 SN11000/2500B/BU/RUI SmartNode Carrier Class High Availability SBC, 2500 SIP Session, Upgradable to 35,000 Sessions with up to 3000 transcoded sessions.  Backup Unit. Onboard CMS. Pre-Order Available
4 SN11000/2500B/RUI SmartNode Carrier Class High Availability SBC, 2500 SIP Session, Upgradable to 35,000 Sessions with up to 3000 transcoded sessions.  Primary Unit. Onboard CMS. Pre-Order Available
5 SN11000/500B/BU/RUI SmartNode Carrier Class High Availability SBC, 500 SIP Session, Upgradable to 10,000 Sessions with up to 1500 transcoded sessions.  Backup Unit. Onboard CMS. Pre-Order Available
6 SN11000/500B/RUI SmartNode Carrier Class High Availability SBC, 500 SIP Session, Upgradable to 10,000 Sessions with up to 1500 transcoded sessions.  Primary Unit. Onboard CMS. Pre-Order Available
7 SN11000/CMS SmartNode Carrier Class Dedicated Management Server (CMS Hardware) Pre-Order Available
LICENSES AND SERVICES
8 SNSW-1B-SN11K 1 Additional SIP Concurrent Session (SIP+RTP) for the SN11K Series Pre-Order Available
9 SNSW-CMS-BAM-SN11K BA/CMS - for separate Billing & Analytics Module per BAM for the SN11K. Pre-Order Available
10 SNSW-CMS-QOS-SN11K CMS feature: QoS per node for the SN11000/500B Pre-Order Available
11 SNSW-COL-B2B-SN11K Orchid Collab B2BUA per user/subscriber for the SN11K Series Pre-Order Available
12 SNSW-DTM-SN11K 1 DTMF interworking session for the SN11K Series Pre-Order Available
13 SNSW-LNK-DNS-SN11K Service Management: ENUM / DNS lookup Service per session for the SN11K Series Pre-Order Available
14 SNSW-LNK-DRO-SN11K Service Management: Diameter Ro Service per session for the SN11K Series Pre-Order Available
15 SNSW-LNK-DRS-SN11K Service Management: Diameter Rx Service per session for the SN11K Series Pre-Order Available
16 SNSW-LNK-LII-SN11K LI interfaces (X1,X2.X3) Intercept Session for the SN11K Series Pre-Order Available
17 SNSW-LNK-MNP-SN11K MNP lookup per session for the SN11K Series Pre-Order Available
18 SNSW-LNK-MRS-SN11K Service Management: Media Server sessions for the SN11K Series Pre-Order Available
19 SNSW-LNK-REP-SN11K 1 User/Registered Endpoint for the SN11K Series Pre-Order Available
20 SNSW-LNK-RLK-SN11K Service Management: Routing Server Lookup per session for the SN11K Series Pre-Order Available
21 SNSW-LNK-RTC-SN11K 1 Client WebRTC Session for the SN11K Series Pre-Order Available
22 SNSW-LNK-SRT-SN11K 1 SRTP Session for the SN11K Series Pre-Order Available
23 SNSW-LNK-TLS-SN11K 1 TLS session for the SN11K Series Pre-Order Available
24 SNSW-SIPREC-SN11K 1 SIPREC recording session for the SN11K Series Pre-Order Available
25 SNSW-TEAMSDR-SN11K 1 Teams Direct Routing Trunk for the SN11K Series Pre-Order Available
26 SNSW-TRN-SN11K 1 Transcoding Session for Narrowband Codecs for the SN11K Series Pre-Order Available
27 SNSW-TRW-SN11K 1 Transcoding Session for Wideband Codecs for the SN11K Series Pre-Order Available

 
SmartNode™ Awards


 
 
Sales: sales@patton.com / +1 301 975 1000
Support: support@patton.com / +1 301 975 1007
Join Our Email List
Have Us Contact You
or
Login Connect With Us
X Linkedin Facebook Youtube
 
     Patton LLC Copyright © 2022 All Rights Reserved.

|  Sitemap  |   Legal  |   Privacy Policy  |   Disclaimer  |    X  Facebook  YouTube  LinkedIn  RSS