Mais conteúdo relacionado Avaya Aura SBC by PacketBase2. 2
Why do you need an SBC?2
Avaya Aura SBC Overview3
Avaya Aura™
Session Border Controller
Positioning and Packaging1
Avaya Aura SBC Differentiation4
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
3. 3For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
Avaya Aura™
SBC: Now available
on Avaya Aura System Platform
Avaya Aura Session Border Controller (SBC)
– A virtualized application resident on Avaya Aura System Platform
– Just like Communication Manager, Application Enablement Services,
etc.
Powered by Acme Packet
– OEM from SBC market leader
Designed for midsized enterprises, branch offices, and small contact centers
– Supports up to 750 SBC sessions
Suitable for SIP trunking and remote worker/agent applications
– Supports voice, video, presence, and IM chat applications
Complements Acme Packet Net-Net SBC solutions available from Avaya
– Acme Packet Net-Net 3800 / 4500
4. Where Avaya Aura™
SBC fits in the
high-level Avaya Aura architecture
Unified Communications Contact Center
Collaboration
Solutions
Interaction
Solutions
Performance
Analytics
System
Manager
Session Manager
Communication
Manager
Application
Enablement
Presence
Services
Service
Provider
Network
Deskphones Clients Video
Endpoints
SBC
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
5. 5
MX
Application Platform
Where Avaya Aura™
SBC
fits in the customer network
App
3rd
Party
endpoints
Avaya CM
(branch or
standalone)
Remote workers via
Internet
Application Platform
3rd
Party PBXs
App
Avaya one-X®
endpoints
PSTN trunking
providers, hosted
services, federated
partners
System
Manager
App MM
VP
CM
Avaya Aura SBC or
Acme Packet SBC
Media
Servers
Access
Connection
Application
Avaya Aura™
Session
Manager Avaya Aura™
SBC
SIP Trunks
SIP
Internet
SIP Trunks
or
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
6. 6
Avaya Aura™
SBC Role in
UC & CC architectures
Completes Avaya’s cost-effective
end-to-end SIP architecture
– SIP trunking and border interworking
– Remote site & worker connectivity
Provides best-in-class VoIP &
UC security
– Integrated with Avaya Session Manager,
Communication Manager, and Voice
Portal
Assures quality and high availability
– Disaster recovery and survivability
Helps achieve regulatory compliance
– Emergency calls, privacy, recording
Redundant data centers
Contact center,
audio/video conferencing,
emergency services, etc.
To PSTN
SIP
Tele-
worker
Nomadic/
mobile user
SIP
Remote
site
1. SIP trunking border 2. Hosted services border
3. Internet border
HQ/
campus
Remote
site
CCUC
H.323
Regional
site
Federated
partners
InternetPrivate network
ASM
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
7. 7
Positioning and Packaging1
Avaya Aura SBC Overview3
Avaya Aura™
Session Border Controller
Why do you need an SBC?2
Avaya Aura SBC Differentiation4
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
8. 8
What is a Session Border Controller?
Session = real-time, interactive
communications
– Voice, video & multimedia
– SIP or H.323
Border = IP-IP network borders
– SIP trunks to service providers
– Remote worker access
– Intra- & extra-enterprise
Control
– Security & SLA assurance
– Revenue & cost optimization
– Regulatory compliance
Redundant data centers
Contact center,
audio/video conferencing,
emergency services, etc.
To PSTN
SIP
Tele-
worker
Nomadic/
mobile user
SIP
Remote
site
1. SIP trunking border 2. Hosted services border
3. Internet border
HQ/
campus
Remote
site
CCUC
H.323
Regional
site
Federated
partners
InternetPrivate network
ASM
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
9. 9
Why use an SBC?
Real-time IP communications is different than TDM and other IP flows
– Sessions initiated from inside or outside of firewall
– Continuous stream vs. traffic bursts, 2-way flows
– Interoperability problems between multivendor solutions will occur
Security is paramount
– Multi-protocol and real-time nature of IP telephony and Unified
Communications traffic demands sophisticated stateful defense strategy
– Signaling attacks are simplest to launch
Today’s data-focused security solutions are not enough
– Lack ability to dynamically correct VoIP connectivity issues
– Unable to perform VoIP signaling/media deep packet inspection
– Cannot solve protocol interoperability problems
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
10. 10
Enterprise and contact center
security threats
Denial of Service
– Call/registration overload
– Malformed messages (fuzzing)
Configuration errors
– Mis-configured devices
– Operator and application errors
Theft of service
– Unauthorized users
– Unauthorized media types
Viruses & SPIT
– Viruses via SIP messages
– Malware via IM sessions
– SPIT – unwanted traffic
Source: Nemertes Research
Enterprise Adoption of
Collaboration Tools
Increased usage of collaboration tools
means security threats are more of a concern
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
11. 11
How are SBCs different from firewalls?
Traditional firewalls cannot:
– Prevent SIP-specific overload conditions and malicious attacks
– Open / close RTP media ports in sync with SIP signaling
– Track session state and provide uninterrupted service
– Perform interworking or security on encrypted sessions
– Scale to handle thousands of real-time sessions
– Provide carrier-class availability
– Solve multi-vendor SIP interoperability problems
InfoSec best practice = deploy defense-in-depth model with application-level
security proxies for email and web applications
– This means firewalls alone are not sufficient
– Same model applies for IP telephony, UC and CC applications
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
12. 12
SBC vs. Firewall with ALG
Terminates, re-initiates and initiates
signaling & SDP
Two sessions - one on each side of
system
Layer 2-7 state aware
Inspects and modifies any
application layer header info (SIP,
SDP, etc.)
Static & dynamic ACLs
Unable to terminate, initiate, re-
initiate signaling & SDP
Single session dialog across
system
Layer 2-4 state aware
Inspects and modifies only
application layer addresses (SIP,
SDP, etc.)
Static ACLs only
SBC
SIP trunk
IP PBX
UC server
Data center
SIP trunk
IP PBX
UC server
Data center
FW with ALG
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
13. 13
SBC vs. other approaches
Function & feature examples
Avaya
AuraTM
SBC
Acme
Packet
Net-Net
SBC
Firewall
with SIP
ALG
IP PBX +
Session
Manager Router
Other
UC
security
element
DoS/DDoS protection √ √ - - - limited
Access control - dynamic & static √ √ static only - static only -
Topology hiding √ √ - - - -
Encryption – signaling & media √ √ IPSec only TLS only IPsec only limited
Malware & SPIT mitigation √ √ - - - √
Remote NAT traversal √ √ - - - -
VPN bridging √ √ - - L3 only -
Header manipulation rules for interop √ √ - - - -
SIP / H.323 interworking √ √ - - - -
Overlapping dial plan translations √ √ - √ - -
Advanced session admission controls √ √ - √ - -
Load balancing & advanced routing √ √ - √ - -
Signaling overload control √ √ - √ - -
QoS marking and reporting √ √ - - minimal -
Embedded in Avaya Aura System Platform √ - - √ - -
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
14. 14
Why do you need an SBC?2
Positioning & Packaging1
Avaya Aura™
Session Border Controller
Avaya Aura SBC Overview3
Avaya Aura SBC Differentiation4
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
15. 15
Reliability and Scale
Active/standby redundancy
Scales to 750 sessions
Redundant SIP connectivity to service
providers and Session Manager /
Communication Manager possible
Avaya Aura™
SBC Key Features
Applications
SIP trunking to PSTN providers
SIP trunking to hosted service providers
(i.e. conferencing, contact center, etc.)
SIP trunking to federated businesses
Remote worker connectivity via Internet
Voice, video, presence & IM chat ready
Security
Acme Packet’s proven SBC security
framework for DoS/DDOS protection
TLS & SRTP encryption
Service Provider Interoperability
Same SBC technology used by majority
of Service Providers
Flexible controls to solve interop
problems
SIP/H.323 IWF for legacy network apps
Proven configuration templates
Tested with SPs through DevConnect
Evolution
Deployable on Avaya Aura System
Platform
Easily add SBC to existing installations
Flexible feature set for new applications
SM
SP
CM
SBC
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
16. 16
Avaya Aura™
Session Border Controller
+ Avaya Aura System Platform
Avaya Aura SBC runs as an embedded virtualized application on System
Platform
Same approach used for other Avaya virtualized applications
Avaya Aura System Platform
HDDS8800
Linux
Console
Domain
XEN Hypervisor
DOM-0
SBC
Linux
RAM NIC CPU
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
17. 17
Avaya Aura™
SBC &
Acme Packet Net-Net SBCs
Small to Medium Enterprise & CC Large Enterprise & CC
Location = Data Center / Branch Office Data Center
Data Center
(requiring transcoding)
# of lines (UC) = 25 – 2400 750 – 10,000 5,000 – 80,000 20,000 – 360,000
# of agents (CC) = 25 – 100 75 – 2,000 500 – 8,000 2,000 – 36,000
# of SBC sessions1
= 1 – 750 150 – 8,000 1,000 – 16,000 4,000 – 72,000
Available Features2
SIP / H.323 / IWF √ √ √ √
Full SBC Feature Set √ √ √ √
Call Recorder Interface √ √ √ √
Transcoding √ √
Embedded GUI/EMS Embedded GUI EMS EMS EMS
Acme Packet
Net-Net 9200
Acme Packet
Net-Net 3800
Acme Packet
Net-Net 4500
Avaya Aura
SBC
Notes:
1. SBC session capacity is controlled through licensing; capacity can vary by signaling protocol, call flow, codec, configuration, feature usage and SPU and NPU options
2. Some features are included in the base license and others are available as options (consult price book for details)
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
18. SBC Comparison Table – At a Glance
Function & features
Avaya AuraTM
SBC
Acme Packet
Net-Net SBC 3800 / 4500
Security Features - -
DoS/DDoS Protection, Access Control, Topology Hiding √ √
Encryption – Signaling & Media (TLS & SRTP) √ √
Malware & SPIT mitigation √ √
Additional US Government DoD Features & Certifications √
Interop Features - -
SIP / H.323 Interworking √ √
Header Manipulation Rules (HMR) for Interop Mediation √ √
Media Transcoding √
Session Control Features - -
Advanced Session Admission Controls √ √
Load Balancing & Advanced Routing √ √
QoS Marking and Reporting √ √
Management Features - -
Element Management Embedded GUI + SIP trunking wizard CLI or Acme Packet EMS
Accounting with QoS Reporting & CDRs √ √
Session Replication for Recording √ √
Embedded Call Troubleshooting Tool √
Host Platform Details Avaya Aura System Platform & S8800 Acme Packet Hardware
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
19. 19
Avaya Aura™
SBC Security Framework
SBC DoS/DDoS protection
– Protect against DoS/DDoS attacks
– Access control & VPN separation
– Dynamic, session-aware access
control for signaling & media
Topology hiding & privacy
Viruses, malware & SPIT mitigation
– Deep packet inspection
Encryption and Authentication
– TLS, SRTP, IPSec
Monitoring and reporting
– Record attacks & attackers
– Provide audit trails
SBC DoS
protection
Fraud
prevention
Access
control
Topology hiding
& privacy
Service
infrastructure
DoS
prevention
Viruses
malware
& SPIT
mitigation
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
20. 20
Why do you need an SBC?2
Positioning & Packaging1
Avaya Aura™
Session Border Controller
Avaya Aura SBC Differentiation4
Avaya Aura SBC Overview3
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
21. 21
Avaya Aura™
SBC = Security and more...
Legacy data security infrastructure is not enough
– SBCs provide all necessary defense-in-depth security capabilities for UC
and CC applications
– Alternative solutions (including UC-centric solutions) are not sufficient
SBCs can help in the area of
– Signalling protocol interworking
– QoS / Accounting
– Session replication for recording
– High availability
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
22. 22
Avaya Aura™
SBC
value propositions & benefits
Avaya Aura SBCs augment Avaya solutions for UC and CC
– Defend SIP signaling elements against security threats, overloads
– Eliminate signaling and many other interoperability issues
– Preserve session quality under load and adverse conditions
– Extend Avaya application reach across IP network borders
– Support regulatory compliance
Key Benefits
– Faster Avaya solutions deployment at lower risk and cost
• Easier integration of Avaya with third-party applications and services
– Safe use of cost-effective SIP trunks
– High-quality session delivery to workers across the enterprise
– Improves customer’s options for customizing their networks
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
23. 23
Avaya and Acme Packet Relationship
Strategic alliance contract completed
Reference architectures agreed and tested
– Avaya only connects to SIP Trunks through the SBC
– The preferred SBC vendor recommended for Avaya AuraTM
– Three-way certification program with SIP Trunk providers
Extensive integration testing completed
– Communication Manager, Session Manager, ICR, Voice Portal
– Nortel CS1000, CS2100, BCM
Joint go-to-market for product delivery and support
– Two-tier sales via Distribution for Avaya Aura SBC
– Direct channel for Acme Packet Net-Net 3800 / 4500
Education, marketing, consulting programs
Better solutions than anything Cisco can provide
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re
24. 24
Summary
Avaya AuraTM
SBCs = optimal security solution for UC and CC applications
Provides features required SIP trunking & remote worker applications
– Interworking, call recording, QoS measurement, NAT traversal
– Designed for voice, video, presence and IM chat applications
Based on market-leading and widely-deployed technology from Acme Packet
– 1,000+ customers in over 100 countries
– 48 of top 50, 90 of the top 100 service providers
– 11 of top Fortune 25 enterprise, 200+ total enterprise customers
For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights re