Sbc Overview - AudioCodes Mediant 800B User Manual
Enterprise session border controller analog & digital voip media gateway
Hide thumbs
Also See for Mediant 800B:
- User manual (1338 pages) ,
- Installation and maintenance manual (104 pages) ,
- Hardware installation manual (56 pages)
Table of Contents
Advertisement
User's Manual
27
SBC Overview
This section provides a detailed description of the device's SBC application.
Notes:
The SBC application supports the following main features:
NAT traversal: The device supports NAT traversal, allowing, for example,
communication with ITSPs with globally unique IP addresses, for LAN-to-WAN VoIP
signaling (and bearer), using two independent legs. This also enables communication
for "far-end" users located behind a NAT on the WAN. The device supports this by:
Continually registering far-end users in its dynamic database.
Maintaining remote NAT binding state by frequent registrations, thereby, off-
loading far-end registrations from the LAN IP PBX.
Using Symmetric RTP (RFC 4961) to overcome bearer NAT traversal.
VoIP firewall and security for signaling and media:
SIP signaling:
RTP:
Topology hiding: The device intrinsically supports topology hiding, limiting the amount
of topology information displayed to external parties. For example, IP addresses of
ITSPs' equipment (e.g. proxies, gateways, and application servers) can be hidden
from outside parties. The device's topology hiding is provided by implementing back-
to-back user agent (B2BUA) leg routing:
Strips all incoming SIP Via header fields and creates a new Via value for the
outgoing message.
Each leg has its own Route/Record Route set.
Modifies SIP To, From, and Request-URI host names (must be configured using
the Message Manipulations table).
Generates a new SIP Call-ID header value (different between legs).
Changes the SIP Contact header to the device's own address.
Layer-3 topology hiding by modifying source IP address in the SIP IP header.
SIP normalization: The device supports SIP normalization, whereby the SBC
Version 6.6
For guidelines on how to deploy your E-SBC device based on network
topology, refer to the SBC Design Guide document.
For SBC functionality, the Software License Key installed on the device
must include the SBC feature.
Deep and stateful inspection of all SIP signaling packets.
SIP dialog initiations may be rejected based on values of incoming SIP
INVITE message and other Layer-3 characteristics.
Packets not belonging to an authorized SIP dialog are discarded.
Opening pinholes (ports) in the device's firewall based on Offer-Answer SDP
negotiations.
Deep packet inspection of all RTP packets.
Late rouge detection - if a SIP session was gracefully terminated and
someone tries to "ride on it" with rouge traffic from the already terminated
RTP and SIP context, the VoIP Firewall prevents this from occurring.
Disconnects call (after user-defined time) if RTP connection is broken.
Black/White lists for both Layer-3 firewall and SIP classification.
419
2 7. SBC Overview
Mediant 800B GW & E-SBC
- Quick Links:
- Establishing a Cli Session
- Ping Command
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
