Multiple Rtp Media Streams Per Call Session; Limiting Sbc Call Duration; Sbc Authentication; Sip Authentication Server Functionality - AudioCodes Mediant 500 E-SBC User Manual

User's Manual

27.4.6 Multiple RTP Media Streams per Call Session

The device's SBC application supports multiple RTP media streams per SBC call session.
Up to five different media types can be included in a session:

Audio (m=audio)

Video (m=video)

Text (m=text)

Fax (m=image)
Therefore, the device can provide transcoding of various attributes in the SDP offer/answer
(e.g., codec, port, and packetization time) per media type. If the device is unable to perform
transcoding (for example, does not support the codec), it relays the SBC dialog
transparently.
27.5

Limiting SBC Call Duration

You can define a maximum allowed duration (in minutes) for SBC calls. If an established
call reaches this user-defined limit, the device terminates the call. This feature ensures
calls are properly terminated, allowing available resources for new calls. This feature is
configured using the MaxCallDuration parameter.
27.6

SBC Authentication

The device can authenticate SIP servers and SBC users (clients). The different methods of
support for this functionality is described in the following subsections.

27.6.1 SIP Authentication Server Functionality

The device can function as an Authentication server for authenticating received SIP
message requests, based on HTTP authentication Digest with MD5. Alternatively, such
requests can be authenticated by an external, third-party server.
When functioning as an Authentication server, the device can authenticate the following
SIP entities:

SIP servers: This is applicable to Server-type IP Groups. This provides protection
from rogue SIP servers, preventing unauthorized usage of device resources and
functionality. To authenticate remote servers, the device challenges the server with a
user-defined username and password that is shared with the remote server. When the
device receives an INVITE request from the remote server, it challenges the server by
replying with a SIP 401 Unauthorized response containing the WWW-Authenticate
header. The remote server then re-sends the INVITE containing an Authorization
header with authentication information based on this username-password combination
to confirm its identity. The device uses the username and password to authenticate
the message prior to processing it.

SIP clients: These are clients belonging to a User-type IP Group. This support
prevents unauthorized usage of the device's resources by rogue SIP clients. When the
device receives an INVITE or REGISTER request from a client (e.g., SIP phone) for
SIP message authorization, the device processes the authorization as follows:
1. The device challenges the received SIP message only if it is configured as a SIP
method (e.g., INVITE) for authorization. This is configured in the IP Group table,
using the 'Authentication Method List' parameter.
Version 6.8 447
27. SBC Overview
Mediant 500 E-SBC