Session border controller

from Wikipedia, the free encyclopedia
General SBC block diagram

A session border controller (SBC) is a network component for securely coupling different computer networks, or computer networks with different security requirements. SBCs are mainly used in IP telephony (VoIP) networks to couple external (insecure) data networks with internal (secure) IT structures or to implement so-called sessions.

An SBC enables control and monitoring of the signaling and, as a rule, of the media streams as well, covering the setup, conduct and teardown of telephone calls or other interactive media involved in a communication.

Areas of application

An SBC is deployed at network boundaries and links internal and external networks. It analyzes the individual data streams (sessions) and, depending on its configuration, intervenes in them (here: voice or signaling data). In IP-based telecommunications (VoIP), signaling data and voice/image data are transmitted separately.

A SIP-based telephone usually sends its signaling data to the telephone system, while the voice data is usually transmitted directly from telephone to telephone via the shortest route. Decoupling signaling data from voice data makes it possible to exploit the advantages of IP-based data networks; on the other hand, it means the telephone system cannot influence the transmission of the voice data (more precisely, media data).

An SBC combines the following functions:

  • Security offloading: support of encryption techniques (TLS, SRTP)
  • Media pinholing: targeted opening of UDP/TCP ports for the transmission of media data
  • Transcoding: conversion between different voice/video codecs, such as G.711 to G.729
  • Protocol translation: conversion and adaptation of various signaling protocols, such as SIP to SIP-Q (QSIG over SIP)
  • Header manipulation: adaptation of the SIP and SDP headers, for example to adapt phone number formats (E.164) or IP addresses
  • Media anchoring: coupling of voice data from SIP devices that can only be reached via network address translation; secure coupling of voice/video data
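
The following Python example is added here and is not from the original article or from any SBC product. It applies media pinholing, SDP header manipulation and media anchoring from the list above to a constructed SIP INVITE; the function name anchor_media, the relay port range and all addresses are assumptions, and only IPv4 SDP is handled.

```python
import re

M_LINE = re.compile(r"^m=(\w+) (\d+)(/\d+)? (\S+)(.*)$")

def anchor_media(message, sbc_ip, relay_ports):
    """Rewrite the SDP of a SIP message so media is anchored at the SBC.
    Returns (new_message, pinholes); each pinhole records the endpoint's own
    address/port and the SBC relay port opened for that stream.
    """
    head, sep, body = message.partition("\r\n\r\n")
    if not sep or "application/sdp" not in head.lower():
        return message, []                      # no SDP body, nothing to do
    session_ip, in_media, cur, pinholes, out = None, False, None, [], []
    for line in body.split("\r\n"):
        if line[:2] in ("c=", "o=") and "IN IP4 " in line:
            prefix, addr = line.rsplit(" ", 1)
            if line[0] == "c" and not in_media:
                session_ip = addr               # session-level default
            elif line[0] == "c" and cur:
                cur["ip"] = addr                # media-level override
            line = f"{prefix} {sbc_ip}"         # hide the internal address
        elif line.startswith("m="):
            m = M_LINE.match(line)
            if not m or int(m[2]) > 65535:
                raise ValueError(f"malformed media line: {line!r}")
            in_media, cur = True, None
            if int(m[2]) != 0:                  # port 0 = stream disabled
                cur = {"media": m[1], "ip": session_ip, "port": int(m[2]),
                       "relay": next(relay_ports)}
                pinholes.append(cur)
                line = f"m={m[1]} {cur['relay']}{m[3] or ''} {m[4]}{m[5]}"
        out.append(line)
    body = "\r\n".join(out)                     # body changed: fix the length
    head = re.sub(r"(?im)^(content-length|l)[ \t]*:[^\r\n]*",
                  f"Content-Length: {len(body.encode())}", head)
    return head + sep + body, pinholes

# Constructed sample: INVITE from a phone on a private network.
SAMPLE_SDP = ("v=0\r\no=alice 2890844526 2890844526 IN IP4 10.0.0.5\r\ns=-\r\n"
              "c=IN IP4 10.0.0.5\r\nt=0 0\r\n"
              "m=audio 49170 RTP/AVP 0 18\r\nm=video 0 RTP/AVP 31\r\n")
SAMPLE_INVITE = ("INVITE sip:bob@example.com SIP/2.0\r\n"
                 "Call-ID: constructed-1@example.net\r\n"
                 "Content-Type: application/sdp\r\n"
                 f"Content-Length: {len(SAMPLE_SDP)}\r\n\r\n" + SAMPLE_SDP)

if __name__ == "__main__":
    relay = iter(range(40000, 40100, 2))        # assumed relay port pool
    print(*anchor_media(SAMPLE_INVITE, "203.0.113.10", relay), sep="\n")
```

The returned pinhole list is what a packet filter would be programmed from: only the relay port is opened, and media arriving there is forwarded to the recorded internal address and port.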

Definitions

The term session refers to communication between two parties in the context of telephony. Each call consists of one or more signaling messages (call signals) as well as media streaming components, the quality of which must be checked. Together these streams form a session. It is the task of a session border controller to influence the data flows of the sessions.

The term network boundary refers to a point of separation between one part of a network and another network. A simple example is a local corporate network that is separated from the rest of the Internet by a firewall. A more complex example is a local corporate network that includes various departments with different security needs for their locations and data. In this case, different filters, routers or other network elements are used to control the flow of data streams. It is the task of a session border controller to support session data across these boundaries.

The term control refers to the influence that the session border controller exerts on the data streams that make up sessions as they cross the boundary between one part of a network and another. In addition, session border controllers often provide access controls and data conversions for the calls they control.
