Acme Packet MSLync - SIP Trunking Overview Andrey Tagay Technical Account Manager
Disclaimer Acme Packet has made no commitments or promises orally or in writing with respect to delivery of any future software features or functions. All presentations, RFP responses and/or product roadmap documents, information or discussions, either prior to or following the date herein, are for informational purposes only, and Acme Packet has no obligation to provide any future releases or upgrades or any features, enhancements or functions, unless specifically agreed to in writing by both parties. Acme Packet 2
Acme Packet Информация о компании Основана в 2000 году Штаб-квартира в Бостоне, США 720 сотрудников в 34 странах Оборудование разрабатывается и производится в США Техподдержка 24x7 на английском языке Партнёрская программа - 170+ локальных партнёров - 10+ глобальных интеграционных парнёров Инсталлированная база - 1400 Заказчиков - 14000 узлов Acme Packet Acme Packet company overview 3
APKT session delivery network solutions now encompass 8 product categories Devices phones, tablets, PCs, TVs, sensors, etc. Session delivery network (SDN) IP transport network Applications & services 1. Session border controller controls sessions at borders 2. Session-aware load balancer scales session control at borders 3. Session routing proxy routes sessions to/from access & interconnect borders 4. Multiservice security gateway secures FMC session delivery (data & voice) over untrusted networks 5. Session manager manages subscriber access & interfaces application servers (SBC + IMS CSCFs + BGCF) 6. Policy exchange controller enables LTE data & voice session roaming 7. Application session controller empowers Web 2.0 applications to control sessions 8. Session recorder provides session recording utility for SDN Acme Packet Acme Packe product overview 4
Microsoft & Acme Packet joint activities http://www.acmepacket.com http://technet.microsoft.com / Acme Packet 5
MS&Acme 2011 references Acme Packet 6
Industry leading SBC capabilities Multi-protocol SIP, H.323, MGCP/NCS, H.248, RTSP, MSRP, H.239; H.248 border gateway control Security Net-SAFE: SBC DoS/DDoS protection, access control, topology hiding, VPN separation, privacy; virus & SPIT protection; service infrastructure DoS prevention; fraud prevention; monitoring & reporting; encryption IPsec, TLS, SRTP Service reach NAT traversal; IP address translation private-public, OLIP/VPN bridging, IPv4-IPv6; number & URI manipulation; signaling message header manipulation; protocol interworking signaling, transport & encryption protocols, SIP/SIP-I/SIP-T; response code translations; transcoding & transrating; SDP & DTMF manipulation SLA assurance admission control signaling & bandwidth constraints per user, network or session agent; signaling overload control; transport control QoS marking/vlan mapping, peer-peer media release; policy control; QoS & ASR routing & reporting; network element (L3 router, registrar, session agent) failure discovery, re-routing &/or load balancing; QoE reporting Acme Packet 7
Industry leading SBC capabilities (continued) Revenue & cost optimization accounting; routing source or destination-based, LCR, ENUM, by codec; CNAM; service theft protection bandwidth policing, QoS marking; session timers; service core normalization Regulatory compliance lawful intercept & emergency services E911 & GETS; session replication for recording High availability checkpointing of media, signaling, IPsec tunnel & config state ensures no loss of active sessions, or state required for NAT traversal, session handling (transfer/hold, etc.) or accounting Management EMS, RMC, CLI, HTTPS, XML, telnet, FTP, SFTP, RADIUS, SNMP, syslog, secure management Acme Packet 8
SIP trunk management requirements Management of SIP trunks is a multi-dimensional challenge Service Provider SBCs must support: Traffic management & control Multi-tenant (enterprise) Ability to support different types of deployment models HMR support (for carriers willing to adapt the enterprise-facing flow) Ability to interface with multiple management systems Enterprise SBCs must support: Traffic management & control Multi-carrier (service provider) IWF & HMR support (H.323 / SIP IWF & diverse PBX dialects) Ability to interface with multiple management systems Management tools must support: Ability to provision and monitor SBCs (full FCAPS functionality) Manage multiple SBCs (type and quantity) Offer troubleshooting tools Acme Packet Acme Packet 9
Key SIP trunk management features Key features Acme Packet provides for SIP trunk management Traffic management Session admission control SIP & H.323 interoperability Call routing & load balancing Per-trunk performance reporting Smart media management Protection from DoS attacks Encryption (TLS, SRTP, IPsec) 1. SIP trunking border 4. Hosted services border IP subscribers Service providers Data centers IP PBX PSTN Contact center, audio/video conferencing, IP Centrex, etc. UC An all Acme Packet SIP trunk solution for service provider + enterprise SBCs offers several advantages End-to-end trunk management features & tools from APKT Managed enterprise SBC solution from the industry leader Acme Packet Acme Packet 10 H.323 Regional site Private network SIP Remote site HQ/ campus 2. Private network border SIP Nomadic/ mobile user Internet Teleworker 3. Internet border Remote site
SIP trunk management session control features Session capacity & rate limiting Concurrent session inbound and outbound Sustained and burst rate inbound and outbound Per-flow signalling rate & bandwidth policing Bandwidth capacity per-trunk and per-branch Call rate and percentage gapping (e.g. 20% traffic reduction) Session load balancing Hunt, round robin, proportional, least busy Per-method controls (throttling/blocking) SIP MPLS VPN Service Provider SIP Trunking Infrastructure PSTN E / SP Demarc Acme Packet Acme Packet 11
SIP trunk management interop features PBXs are not always able to connect directly to carrier SIP trunks due to differences in SIP variants or when H.323 is the only available IP interface Acme Packet solves this problem by providing: Complete SIP header manipulation rule (HMR) capabilities to interwork different SIP dialects between PBX and carrier SIP trunking elements Full H.323 SIP interworking Media transcoding & DTMF format (INFO / 2833) interworking Signaling transport (UDP / TCP / TLS) and media encryption (RTP/SRTP) IWF Enables virtually any SIP or H.323 capable PBX or UC platform to talk to any carrier SIP trunk service Proven interop with all of the major PBX and UC vendors & SIP trunk carriers Enterprise Telephony Infrastructure Lync&OCS SIP or H.323 MPLS VPN Service Provider SIP Trunking Infrastructure PSTN Acme Packet Acme Packet 12
SIP trunk management routing features Typically, an enterprise SBC routes inbound and outbound calls between PBX and carrier SIP trunk via simple static dial plans Enterprise uses SBCs for more advanced routing Least cost routing, call quality-based routing, time-of-date routing Failover & load-balancing routing Policy-based routing ENUM Routing decisions can be based on: - Called or Called Party Number (or any field in the SIP header) - Cost metrics, Time-of-day, CAC loads - Media codec or type (voice vs. video) - PBX or carrier trunk availability - Call quality requirements (best effort or high MOS score) Enterprise Telephony Infrastructure SIP or H.323 MPLS VPN Service Provider SIP Trunking Infrastructure PSTN Acme Packet Acme Packet 13
SIP trunk management QoS reporting features Enables quality of service monitoring across the SIP trunk by providing real-time evaluation of network & route performance Segment C 1. SIP trunking border IP subscribers Service providers PSTN HDR enables monitoring QoS statistics per trunk basis Facilitates SLA verification & traffic engineering Facilitates QoS based routing Acme Packet Acme Packet 14 Segment A Segment B H.323 Regional site Private network SIP Remote site HQ/ campus 2. Private network border
SIP Trunking to a Qualified ITSP Some enterprises may wish to directly connect their Mediation Server to the qualified IP Telephony Service Provider s (ITSP) network SBC IP Telephony Service Provider Network Enterprise Network Service Provider Private IP Network (MPLS) Existing Telephony Environment Public IP Network (Internet) FE Servers Lync Server or OCS Environment * Firewalls in the DMZ are present but not shown for the sake of diagram simplicity PSTN SIP trunk between Mediation Server & ITSP Network SBC Business Partner Federation, Public IM Connectivity, Remote Workers Mediation Server Lync/OCS Endpoints Service Provider SIP Trunk Infrastructure Lync/OCS Edge Servers Federation With Other Lync/OCS Networks & Public IM Connectivity (PIC) to MSN, Yahoo, AOL, and XMPP Networks Remote Office Communicator & Lync Endpoints This is a Microsoft & Acme Packet supported deployment model if the ITSP s SIP trunk service has been qualified via the Unified Communications Open Interoperability Program (UCOIP). UCOIP details: http://technet.microsoft.com/ucoip 15
SIP Trunking via Existing IP-PBX Some enterprises may start working with Lync/OCS SIP Trunking by connecting their Mediation Server to their existing IP-PBX Enterprise Network IP Telephony Service Provider Network Service Provider Private IP Network (MPLS) Existing Telephony Environment Public IP Network (Internet) FE Servers Lync Server or OCS Environment * Firewalls in the DMZ are present but not shown for the sake of diagram simplicity PSTN SIP trunk between Mediation Server & Existing Enterprise PBX Business Partner Federation, Public IM Connectivity, Remote Workers Mediation Server Lync/OCS Endpoints Service Provider SIP Trunk Infrastructure Lync/OCS Edge Servers Federation With Other Lync/OCS Networks & Public IM Connectivity (PIC) to MSN, Yahoo, AOL, and XMPP Networks Remote Office Communicator & Lync Endpoints This is a Microsoft & Acme Packet supported deployment model if the IP-PBX is qualified through the UCOIP for Direct SIP with Lync Server/OCS. UCOIP details: http://technet.microsoft.com/ucoip 16
SIP Trunking via Enterprise SBC Some enterprises that have already invested in SBCs may wish to utilize their enterprise SBC to support Lync Server & OCS SIP Trunking IP Telephony Service Provider Network Enterprise Network Service Provider Private IP Network (MPLS) Existing Telephony Environment * Firewalls in the DMZ are present but not shown for the sake of diagram simplicity Public IP Network (Internet) FE Servers Lync Server or OCS Environment PSTN SIP trunk between Mediation Server & Enterprise SBC Business Partner Federation, Public IM Connectivity, Remote Workers Mediation Server Lync/OCS Endpoints Service Provider SIP Trunk Infrastructure Lync/OCS Edge Servers Federation With Other Lync/OCS Networks & Public IM Connectivity (PIC) to MSN, Yahoo, AOL, and XMPP Networks Remote Office Communicator & Lync Endpoints Mediation Server connects to ITSP network via an enterprise SBC SBC in the DMZ may be owned by the enterprise or deployed and managed by the ITSP as part of a managed network service This is a Microsoft & Acme Packet supported deployment model if the ITSP s SIP Trunking service has been qualified via UCOIP UCOIP details: http://technet.microsoft.com/ucoip 17
Why use an enterprise SBC with SIP Trunking? Many Acme Packet service provider and enterprise customers wish to use enterprise SBCs with Lync Server & OCS SIP Trunking...but why? While many UCOIP-qualified SIP Trunking SPs support a direct connection between the enterprise Lync Server & OCS and the SP edge SBC, some UCOIP-qualified SPs and enterprise customers prefer to deploy an enterprise SBC Examples of the functions the enterprise SBC may perform: Signaling transport IWF and/or media encryption IWF (many SPs are not ready or willing to terminate Lync Server/OCS TLS, TCP, or SRTP on their SP edge SBC) Codec compatibility (Mediation Server = G.711 only; SP may want to run a different codec on the SIP trunk for bandwidth efficiency and use the enterprise SBC to transcode back to G.711) Off-load of customer network complexity from SP edge SBC to enterprise SBC (a two-tier, hierarchical SBC model) Session management functions (i.e. centralized call routing & dial plan management) for cases where Lync Server / OCS co-exist with legacy enterprise telephony systems 18
Can you use SBCs with Lync/OCS signaling / media flows besides SIP Trunking? This is not a Microsoft & Acme Packet supported deployment model Enterprise Network IP Telephony Service Provider Network Service Provider Private IP Network (MPLS) Service Provider SIP Trunk Infrastructure PSTN Existing Telephony Environment Business Partner Federation, Public IM Connectivity, Remote Workers Mediation Server Lync/OCS Endpoints FE Servers Lync Server or OCS Environment * Firewalls in the DMZ are present but not shown for the sake of diagram simplicity Public IP Network (Internet) Lync/OCS Edge Servers? Federation With Other Lync/OCS Networks & Public IM Connectivity (PIC) to MSN, Yahoo, AOL, and XMPP Networks Remote Office Communicator & Lync Endpoints Lync & OCS security is built on an end-to-end message integrity model, which means any type of B2BUA handling or modification would compromise the end-to-end integrity and could result in a termination of the Lync & OCS signaling / media flow This means it is not possible to deploy B2BUA elements like SBCs or SIP Application Layer Gateways (ALGs) in these types of non-sip Trunking Lync Server & OCS signaling / media flows Lync & OCS Edge Servers are purpose-built for this type of DMZ security application and are fully integrated into the Lync Server & OCS management model 19
Net-Net hardware platforms unparalleled scale and flexibility Net-Net 14000 1 Net-Net ESD SW on 3rd party server HW Net-Net 3820 1 Net-Net 4500 1 Licensed session capacity range 25-150 150 8K 500 32K 500 210K System throughput N/A 5Gbps 5Gbps 35Gbps Network interfaces (# active) 2(1) Gbps (4) 1Gbps (4) 1Gbps (28) 1Gbps IPsec tunnel capacity Planned 120K 200K 2800K Transcoding session capacity Planned 500-6000 500-6000 Planned Local route table capacity (# of routes) N/A 1M 2M 28M Note 1: Capacity can vary by signaling protocol, call flow, codec, configuration, feature usage and SPU and NPU options Acme Packet Acme Packe product overview 20 20
Mid-range transcoding NIU [Net-Net 4500 & Net-Net 3820 Platforms] Transcoding module Mid-range NIU 4 port 1GigE SFP-based NIU supports transcoding & QOS Minimum configuration is 1 transcoding module supporting up to 600 transcoded sessions* NIU may be populated with up to 12 transcoding modules supporting up to 7200 transcoded sessions* QOS reporting support is provided - by DSPs for transcoded sessions - by FPGA on-board the NIU for non-transcoded sessions No support for encryption * Capacity is dependent on specific codec combinations Acme Packet 21
Supported Bit rates and ptimes for codecs Standard G.711 (PCMU/A) Bit Rate(s) in Kbps Packetization Interval(s) in ms 64 kbps 10, 20, 30, 40, 50, 60 ms G.722 48, 56, 64 kbps 10, 20, 30, 40 ms G.723.1 5.3, 6.3 kbps 30, 60, 90 ms G.726 16, 24, 32, 40 kbps 10, 20, 30, 40, 50 ms ilbc 13.3, 15 kbps 20, 30, 40, 60 ms G.729/A/B 8 kbps 10, 20, 30, 40, 50, 60, 70, 80, 90 ms AMR 4.75, 5.15, 5.90, 6.70, 7.40, 7.95, 10.2, 12.2 20, 40 ms AMR-WB 6.6, 8.85, 12.65, 14.25, 15.85, 18.25, 19.85, 23.05, 20 ms (G.722.2) 23.85 GSM FR 13 kbps 20 ms Acme Packet Acme Packet proprietary and confidential 22 22
Extensive transcoding feature support Fax interworking T.30 (G.711 in-band tones) -to- T.38 DTMF interworking bi-directional RFC4733/DTMF tone detection/generation In-band DTMF SIP INFO Bandwidth efficiency and optimization QoS reporting IPv6 support VAD Comfort noise generation Silence suppression PLC QoS for non-transcoded calls QoS for transcoded calls (future) IPv4 <-> IPv6 iwf support for transcoded sessions Acme Packet Acme Packet proprietary and confidential 23