• Like
  • Save

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Avaya Aura SBC by PacketBase

  • 7,031 views
Published

Avaya Aura Session Border Controller, powered by Acme Packet, secures the IP border for the real time interactive communications that flow outside your internal network. With Avaya Aura Session Border …

Avaya Aura Session Border Controller, powered by Acme Packet, secures the IP border for the real time interactive communications that flow outside your internal network. With Avaya Aura Session Border Controller, your Unified Communications and Contact Center Solutions can securely leverage SIP, while simultaneously extending the power of the Avaya Aura architecture throughout your enterprise to realize the true benefits of open standards.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
7,031
On SlideShare
0
From Embeds
0
Number of Embeds
13

Actions

Shares
Downloads
0
Comments
0
Likes
16

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • © 2009 Avaya Inc. All rights reserved.
  • © 2009 Avaya Inc. All rights reserved. © 2009 Avaya Inc. All rights reserved.

Transcript

  • 1. Avaya Aura ™ Session Border Controller PacketBase, Inc. www.packetbase.com
  • 2. Avaya Aura ™ Session Border Controller For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Why do you need an SBC? 2 Avaya Aura SBC Overview 3 Positioning and Packaging 1 Avaya Aura SBC Differentiation 4
  • 3. Avaya Aura ™ SBC: Now available on Avaya Aura System Platform
    • Avaya Aura Session Border Controller (SBC)
      • A virtualized application resident on Avaya Aura System Platform
      • Just like Communication Manager, Application Enablement Services, etc.
    • Powered by Acme Packet
      • OEM from SBC market leader
    • Designed for midsized enterprises, branch offices, and small contact centers
      • Supports up to 750 SBC sessions
    • Suitable for SIP trunking and remote worker/agent applications
      • Supports voice, video, presence, and IM chat applications
    • Complements Acme Packet Net-Net SBC solutions available from Avaya
      • Acme Packet Net-Net 3800 / 4500
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 4. Where Avaya Aura ™ SBC fits in the high-level Avaya Aura architecture Unified Communications Contact Center Service Provider Network Video Endpoints SBC For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Collaboration Solutions Interaction Solutions Performance Analytics System Manager Session Manager Communication Manager Application Enablement Presence Services Deskphones Clients
  • 5. Where Avaya Aura ™ SBC fits in the customer network MX 3 rd Party endpoints Avaya CM (branch or standalone) Remote workers via Internet 3 rd Party PBXs Avaya one-X ® endpoints PSTN trunking providers, hosted services, federated partners System Manager Avaya Aura SBC or Acme Packet SBC Media Servers Access Connection Application SIP Trunks SIP Internet SIP Trunks or For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Application Platform App Application Platform App App MM VP CM Avaya Aura ™ Session Manager Avaya Aura ™ SBC
  • 6. Avaya Aura ™ SBC Role in UC & CC architectures
    • Completes Avaya’s cost-effective end-to-end SIP architecture
      • SIP trunking and border interworking
      • Remote site & worker connectivity
    • Provides best-in-class VoIP & UC security
      • Integrated with Avaya Session Manager, Communication Manager, and Voice Portal
    • Assures quality and high availability
      • Disaster recovery and survivability
    • Helps achieve regulatory compliance
      • Emergency calls, privacy, recording
    Redundant data centers Contact center, audio/video conferencing, emergency services, etc. To PSTN SIP Tele- worker Nomadic/ mobile user SIP Remote site 1. SIP trunking border 2. Hosted services border HQ/ campus Remote site CC UC H.323 Regional site Federated partners Internet Private network ASM For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. 3. Internet border
  • 7. Avaya Aura ™ Session Border Controller For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Positioning and Packaging 1 Avaya Aura SBC Overview 3 Why do you need an SBC? 2 Avaya Aura SBC Differentiation 4
  • 8. What is a Session Border Controller?
    • Session = real-time, interactive communications
      • Voice, video & multimedia
      • SIP or H.323
    • Border = IP-IP network borders
      • SIP trunks to service providers
      • Remote worker access
      • Intra- & extra-enterprise
    • Control
      • Security & SLA assurance
      • Revenue & cost optimization
      • Regulatory compliance
    Redundant data centers Contact center, audio/video conferencing, emergency services, etc. To PSTN SIP Tele- worker Nomadic/ mobile user SIP Remote site 1. SIP trunking border 2. Hosted services border HQ/ campus Remote site CC UC H.323 Regional site Federated partners Internet Private network ASM For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. 3. Internet border
  • 9. Why use an SBC?
    • Real-time IP communications is different than TDM and other IP flows
      • Sessions initiated from inside or outside of firewall
      • Continuous stream vs. traffic bursts, 2-way flows
      • Interoperability problems between multivendor solutions will occur
    • Security is paramount
      • Multi-protocol and real-time nature of IP telephony and Unified Communications traffic demands sophisticated stateful defense strategy
      • Signaling attacks are simplest to launch
    • Today’s data-focused security solutions are not enough
      • Lack ability to dynamically correct VoIP connectivity issues
      • Unable to perform VoIP signaling/media deep packet inspection
      • Cannot solve protocol interoperability problems
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 10. Enterprise and contact center security threats
    • Denial of Service
      • Call/registration overload
      • Malformed messages (fuzzing)
    • Configuration errors
      • Mis-configured devices
      • Operator and application errors
    • Theft of service
      • Unauthorized users
      • Unauthorized media types
    • Viruses & SPIT
      • Viruses via SIP messages
      • Malware via IM sessions
      • SPIT – unwanted traffic
    Increased usage of collaboration tools means security threats are more of a concern For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Source: Nemertes Research Enterprise Adoption of Collaboration Tools
  • 11. How are SBCs different from firewalls?
    • Traditional firewalls cannot:
      • Prevent SIP-specific overload conditions and malicious attacks
      • Open / close RTP media ports in sync with SIP signaling
      • Track session state and provide uninterrupted service
      • Perform interworking or security on encrypted sessions
      • Scale to handle thousands of real-time sessions
      • Provide carrier-class availability
      • Solve multi-vendor SIP interoperability problems
    • InfoSec best practice = deploy defense-in-depth model with application-level security proxies for email and web applications
      • This means firewalls alone are not sufficient
      • Same model applies for IP telephony, UC and CC applications
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 12. SBC vs. Firewall with ALG
    • Terminates, re-initiates and initiates signaling & SDP
    • Two sessions - one on each side of system
    • Layer 2-7 state aware
    • Inspects and modifies any application layer header info (SIP, SDP, etc.)
    • Static & dynamic ACLs
    • Unable to terminate, initiate, re-initiate signaling & SDP
    • Single session dialog across system
    • Layer 2-4 state aware
    • Inspects and modifies only application layer addresses (SIP, SDP, etc.)
    • Static ACLs only
    • SBC
    FW with ALG For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. SIP trunk IP PBX UC server Data center SIP trunk IP PBX UC server Data center
  • 13. SBC vs. other approaches For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Function & feature examples Avaya Aura TM SBC Acme Packet Net-Net SBC Firewall with SIP ALG IP PBX + Session Manager Router Other UC security element DoS/DDoS protection √ √ - - - limited Access control - dynamic & static √ √ static only - static only - Topology hiding √ √ - - - - Encryption – signaling & media √ √ IPSec only TLS only IPsec only limited Malware & SPIT mitigation √ √ - - - √ Remote NAT traversal √ √ - - - - VPN bridging √ √ - - L3 only - Header manipulation rules for interop √ √ - - - - SIP / H.323 interworking √ √ - - - - Overlapping dial plan translations √ √ - √ - - Advanced session admission controls √ √ - √ - - Load balancing & advanced routing √ √ - √ - - Signaling overload control √ √ - √ - - QoS marking and reporting √ √ - - minimal - Embedded in Avaya Aura System Platform √ - - √ - -
  • 14. Avaya Aura ™ Session Border Controller For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Why do you need an SBC? 2 Positioning & Packaging 1 Avaya Aura SBC Overview 3 Avaya Aura SBC Differentiation 4
  • 15. Avaya Aura ™ SBC Key Features For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
    • Reliability and Scale
    • Active/standby redundancy
    • Scales to 750 sessions
    • Redundant SIP connectivity to service providers and Session Manager / Communication Manager possible
    • Applications
    • SIP trunking to PSTN providers
    • SIP trunking to hosted service providers (i.e. conferencing, contact center, etc.)
    • SIP trunking to federated businesses
    • Remote worker connectivity via Internet
    • Voice, video, presence & IM chat ready
    • Security
    • Acme Packet’s proven SBC security framework for DoS/DDOS protection
    • TLS & SRTP encryption
    • Service Provider Interoperability
    • Same SBC technology used by majority of Service Providers
    • Flexible controls to solve interop problems
    • SIP/H.323 IWF for legacy network apps
    • Proven configuration templates
    • Tested with SPs through DevConnect
    • Evolution
    • Deployable on Avaya Aura System Platform
    • Easily add SBC to existing installations
    • Flexible feature set for new applications
    SM SP CM SBC
  • 16. Avaya Aura ™ Session Border Controller + Avaya Aura System Platform
    • Avaya Aura SBC runs as an embedded virtualized application on System Platform
    • Same approach used for other Avaya virtualized applications
    Avaya Aura System Platform HDD S8800 Linux Console Domain XEN Hypervisor DOM-0 SBC Linux RAM NIC CPU For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 17. Avaya Aura ™ SBC & Acme Packet Net-Net SBCs Avaya Aura SBC Notes: 1. SBC session capacity is controlled through licensing; capacity can vary by signaling protocol, call flow, codec, configuration, feature usage and SPU and NPU options 2. Some features are included in the base license and others are available as options (consult price book for details) For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Small to Medium Enterprise & CC Large Enterprise & CC
      • Location =
    Data Center / Branch Office Data Center Data Center (requiring transcoding) # of lines (UC) = 25 – 2400 750 – 10,000 5,000 – 80,000 20,000 – 360,000 # of agents (CC) = 25 – 100 75 – 2,000 500 – 8,000 2,000 – 36,000 # of SBC sessions 1 = 1 – 750 150 – 8,000 1,000 – 16,000 4,000 – 72,000 Available Features 2 SIP / H.323 / IWF √ √ √ √ Full SBC Feature Set √ √ √ √ Call Recorder Interface √ √ √ √ Transcoding √ √ Embedded GUI/EMS Embedded GUI EMS EMS EMS Acme Packet Net-Net 9200 Acme Packet Net-Net 3800 Acme Packet Net-Net 4500
  • 18. SBC Comparison Table – At a Glance For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Function & features Avaya Aura TM SBC Acme Packet Net-Net SBC 3800 / 4500 Security Features - - DoS/DDoS Protection, Access Control, Topology Hiding √ √ Encryption – Signaling & Media (TLS & SRTP) √ √ Malware & SPIT mitigation √ √ Additional US Government DoD Features & Certifications √ Interop Features - - SIP / H.323 Interworking √ √ Header Manipulation Rules (HMR) for Interop Mediation √ √ Media Transcoding √ Session Control Features - - Advanced Session Admission Controls √ √ Load Balancing & Advanced Routing √ √ QoS Marking and Reporting √ √ Management Features - - Element Management Embedded GUI + SIP trunking wizard CLI or Acme Packet EMS Accounting with QoS Reporting & CDRs √ √ Session Replication for Recording √ √ Embedded Call Troubleshooting Tool √ Host Platform Details Avaya Aura System Platform & S8800 Acme Packet Hardware
  • 19. Avaya Aura ™ SBC Security Framework
    • SBC DoS/DDoS protection
      • Protect against DoS/DDoS attacks
      • Access control & VPN separation
      • Dynamic, session-aware access control for signaling & media
    • Topology hiding & privacy
    • Viruses, malware & SPIT mitigation
      • Deep packet inspection
    • Encryption and Authentication
      • TLS, SRTP, IPSec
    • Monitoring and reporting
      • Record attacks & attackers
      • Provide audit trails
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. SBC DoS protection Fraud prevention Access control Topology hiding & privacy Service infrastructure DoS prevention Viruses malware & SPIT mitigation
  • 20. Avaya Aura ™ Session Border Controller For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved. Why do you need an SBC? 2 Positioning & Packaging 1 Avaya Aura SBC Differentiation 4 Avaya Aura SBC Overview 3
  • 21. Avaya Aura ™ SBC = Security and more...
    • Legacy data security infrastructure is not enough
      • SBCs provide all necessary defense-in-depth security capabilities for UC and CC applications
      • Alternative solutions (including UC-centric solutions) are not sufficient
    • SBCs can help in the area of
      • Signalling protocol interworking
      • QoS / Accounting
      • Session replication for recording
      • High availability
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 22. Avaya Aura ™ SBC value propositions & benefits
    • Avaya Aura SBCs augment Avaya solutions for UC and CC
      • Defend SIP signaling elements against security threats, overloads
      • Eliminate signaling and many other interoperability issues
      • Preserve session quality under load and adverse conditions
      • Extend Avaya application reach across IP network borders
      • Support regulatory compliance
    • Key Benefits
      • Faster Avaya solutions deployment at lower risk and cost
        • Easier integration of Avaya with third-party applications and services
      • Safe use of cost-effective SIP trunks
      • High-quality session delivery to workers across the enterprise
      • Improves customer’s options for customizing their networks
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 23. Avaya and Acme Packet Relationship
    • Strategic alliance contract completed
    • Reference architectures agreed and tested
      • Avaya only connects to SIP Trunks through the SBC
      • The preferred SBC vendor recommended for Avaya Aura TM
      • Three-way certification program with SIP Trunk providers
    • Extensive integration testing completed
      • Communication Manager, Session Manager, ICR, Voice Portal
      • Nortel CS1000, CS2100, BCM
    • Joint go-to-market for product delivery and support
      • Two-tier sales via Distribution for Avaya Aura SBC
      • Direct channel for Acme Packet Net-Net 3800 / 4500
    • Education, marketing, consulting programs
    • Better solutions than anything Cisco can provide
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 24. Summary
    • Avaya Aura TM SBCs = optimal security solution for UC and CC applications
    • Provides features required SIP trunking & remote worker applications
      • Interworking, call recording, QoS measurement, NAT traversal
      • Designed for voice, video, presence and IM chat applications
    • Based on market-leading and widely-deployed technology from Acme Packet
      • 1,000+ customers in over 100 countries
      • 48 of top 50, 90 of the top 100 service providers
      • 11 of top Fortune 25 enterprise, 200+ total enterprise customers
    For more information contact us at www.packetbase.com or 866.405.3992 - © 2010 Avaya Inc. All rights reserved.
  • 25. Avaya Aura ™ Session Border Controller PacketBase, Inc. www.packetbase.com