What Is An SBC?
What Is A Session Border Controller?
A Session Border Controller (SBC) is a VoIP session-aware device that controls call admission to a network at the border of that
network, and optionally (depending on the device) performs a host of call-control functions to ease the load on the call agents within
A Session Border Controller breaks down into two logically distinct pieces.
- The Signaling SBC function (SBC-SIG) controls access of VoIP signaling messages to the core of the network, and manipulates
the contents of these messages.
- The Media SBC function (SBC-MEDIA) controls access of media packets to the network, provides differentiated services and QoS
for different media streams, and prevents service theft.
Session Border Controllers are offered in centralized and distributed solutions. Metaswitch's DC-SBC components are modular,
allowing them to support either scenario. See DC-SBC Architecture for more information.
What Are Session Border Controllers Used For?
The following basic functions are offered by all Session Border Controllers.
- Securing the Service Provider's network boundary, as follows.
- They act as a Network Address Translator (NAT) for the SP.
- They may either act as a firewall, or cooperate with existing firewall devices in the DMZ. They may open pinholes in the firewall to allow VoIP signaling and media to pass through (or alternatively, the firewall may be statically configured to allow this).
- They perform a topology-hiding function to prevent customers or other service providers from learning details about how the SP’s network is configured, or how calls being placed through the SP are routed. They do this by rewriting VoIP signaling messages that traverse the SBC.
- They eliminate bad VoIP signaling and media protocol at the network boundary.
- Enabling VoIP signaling and media to be received from and directed to a device behind a firewall and NAT at the border of an adjacent network, without requiring the device or firewall to be upgraded.
- Providing call admission control. SBCs control which calls may be signaled through the network, and gracefully reject calls when necessary, protecting the network from Denial of Service attacks and sudden spikes in congestion. Call admission control can be used to guarantee and police Service Level Agreements, and to ensure that subscribers keep their call setup rates within limits that the backbone can handle.
SBCs may also perform the following additional functions.
- Quality of Service: reserving service provider network resources to handle calls being set up, and ensuring there is always enough bandwidth to handle emergency services calls.
- Media bridging, which may include Voice over IP, Fax over IP, and Modem over IP bridging.
- Fault tolerance, which may include 1:1 or 1:N backup. Carrier-class Session Border Controllers must ensure 99.999% (five nines) availability.
- Policy-based call routing, including crankback of call setup.
- Signaling protocol interworking (such as between H.323 and SIP, or between variants of H.323).
- Tracking the progress of each call for the purposes of billing, and producing Call Detail Reports.
Where Are Session Border Controllers Deployed?
Session Border Controllers are usually deployed in the Demilitarized Zone (DMZ) of a network. The DMZ is the conceptual term for
a small subnetwork (or individual device) that sits between a trusted private network, such as a corporate private LAN, and an
untrusted public network, such as the public Internet. The purpose of the DMZ is to prevent hostile or unwanted traffic from entering
(or, in some cases, leaving) the private network.
Session Border Controllers can be deployed in any of the following network scenarios.
- On the border between a provider and their customer (this can be thought of as providing a User Network Interface or UNI).
- On the border between two providers with a reciprocal agreement with respect to VoIP traffic (a Network-to-Network Interface or NNI).
- In IMS networks to provide Call Session Control and Border Gateway functions at the UNI and NNI points. For more information on
SBC in IMS networks, see our whitepaper Session Border Control in IMS.
- Within a provider offering VPN services to its customers, to bridge calls across the customers' VPN sites. The SBC in the provider
network is configured to be a member of all VPNs (and hence is routable to in each VPN).
- In the core of a network, as a means to overcome internal topology issues. For example, if two high-bandwidth sites are connected
by a low-bandwidth backbone link, SBCs can prevent the low-bandwidth link from becoming oversubscribed with voice traffic.
- In the core of a network, as a centralized codec transcoder. Since many SBCs perform codec transcoding at the media bridge,
they can be used to overcome any issues of interoperability between equipment with different capabilities.
For more information about Metaswitch's
Session Border Controller product and expertise contact