Session Border Controller

Encyclopedia : S : SE : SES : Session Border Controller

A Session Border Controller is a device used in some VoIP networks to exert control over the signaling and media streams involved in setting up, conducting, and tearing down calls. SBCs are put into the signaling and/or media path between calling and called party. In some cases, the SBC acts as if it was the called VoIP phone and places a second call to the called party. The effect of this behaviour is that not only the signaling traffic, but also the media traffic (voice, video etc) crosses the SBC. Without an SBC, the media traffic travels directly between the VoIP phones. However, in other cases, the SBC simply modifies the stream of data involved in each call, perhaps limiting the kinds of call that can be conducted, changing the CODEC choices, and so on. Ultimately, SBCs allow their owners to control the kinds of call that can be placed through the networks on which they reside, and also overcome some of the problems that firewalls and NAT cause for VoIP calls. Private SBCs are often used along with firewalls to enable VoIP calls to and from a protected enterprise network. Public VoIP service providers use SBCs to allow the use of VoIP protocols from private networks with internet connections using NAT, and also to implement strong security measures that are necessary to maintain a high quality of service.

Additionally, some SBCs can also allow VoIP calls to be set up between two phones using different VoIP signaling protocols (SIP, H.323, Megaco/MGCP, etc...) as well as performing transcoding of the media stream when different codecs are in use. Many SBCs also provide firewall features for VoIP traffic (denial of service protection, call filtering, bandwidth management, etc...).

In contrast to conventional phone systems, the OSI layers of a VoIP-based network need not to be operated by a single company. A VoIP user may purchase her internet access from one internet service provider and her VoIP service from a second company. Some telecom companies use SBCs to revert this characteristic in order to retain their current business model when offering public VoIP services.

The concept of the SBC is controversial to proponents of end-to-end systems and peer-to-peer networking.

SBCs can extend the length of the media path (the way of media packets through the network) significantly. A long media path is undesirable, as it increases the delay of voice packets (especially if the SBC implements transcoding) and the probability of packet loss. Both effects deteriorate the voice/video quality. Some SBCs can detect if the ends of the call are in the same subnetwork and release control of the media enabling it to flow directly between the clients, this is anti-tromboning. Also, some SBCs can create a media path where none would otherwise be allowed to exist (by virtue of the various firewalls and other security aparatus between the two endpoints).
SBCs may break the end-to-end transparency. VoIP phones may not be able to use new protocol features unless they are understood by the SBC. However, some SBCs are more able than others to cope with previously unseen and unanticipated protocol features. End-to-End encryption can't be used if the SBC does not have the key, although some portions of the information stream in an encrypted call are not encrypted, and those portions can be used and influenced by the SBC.
Far-end or hosted NAT traversal can in some cases be done without SBCs if the VoIP phones support protocols like STUN, TURN, ICE, or Universal Plug and Play (UPnP).

Most of the controversy surrounding SBCs pertains to whether call control should remain solely with the two endpoints in a call (in service to their owners), or should rather be shared with other network elements owned by the organizations managing the various networks involved in connecting the two call endpoints. For example, should call control remain with Alice and Bob (two callers), or should call control be shared with the operators of all the IP networks involved in connecting Alice and Bob's VoIP phones together. The debate of this point is vigorous, almost religious, in nature. Those who want control in the endpoints only, are greatly frustrated by the various realities of today's networks, such as firewalls, filtering/throttling, and the lack of adoption of a universal VoIP equivalent to the phone number. Those who want control in the middle of the call, are typically trying to replicate the old-style phone system, where virtually all control rested with the service provider. So far, these views have not proven to be reconcilable.

An SBC may provide session media (normally Real-time Transport Protocol) and signalling (normally SIP) wiretap services, which can be used by providers to enforce requests for the lawful interception of network sessions. Standards for the interception of such services are provided by CALEA and ETSI, among others.

External links

[Acme Packet White Paper defines the need for session border controllers for interactive IP services] – White Paper

[Newport Networks White Paper examining the pros and cons of different NAT traversal techniques] – White Paper

[What is a Session Border Controller?] – Short description of the main functions of a Session Border Controller

[IP Networks and the Session Border Controller] – Details on Far-end NAT Traversal, Inter-Carrier Peering, and Security

From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating.
All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details.