Feature List
The SBC application supports the following main features:
|
■
|
NAT traversal: The device supports NAT traversal, allowing, for example, communication with ITSPs with globally unique IP addresses and with far-end users located behind NAT on the WAN. The device supports this by: |
|
●
|
Continually registering far-end users with its users registration database. |
|
●
|
Maintaining remote NAT binding state by frequent registrations and thereby, off-loading far-end registrations from the LAN IP PBX. |
|
●
|
Using Symmetric RTP (RFC 4961) to overcome bearer NAT traversal. |
|
■
|
VoIP firewall and security for signaling and media: |
|
◆
|
Deep and stateful inspection of all SIP signaling packets. |
|
◆
|
SIP dialog initiations may be rejected based on values of incoming SIP INVITE message and other Layer-3 characteristics. |
|
◆
|
Packets not belonging to an authorized SIP dialog are discarded. |
|
◆
|
Opening pinholes (ports) in the device's firewall based on SDP offer-answer negotiations.
|
|
◆
|
Deep packet inspection of all RTP packets. |
|
◆
|
Late rogue detection - if a SIP session was gracefully terminated and someone tries to "ride on it" with rogue traffic from the already terminated RTP and SIP context, the VoIP Firewall prevents this from occurring. |
|
◆
|
Disconnects call (after user-defined time) if RTP connection is broken. |
|
◆
|
Black/White lists for both Layer-3 firewall and SIP classification. |
|
■
|
Stateful Proxy Operation Mode: The device can act as a Stateful Proxy by enabling SIP messages to traverse it transparently (with minimal interference) between the inbound and outbound legs. |
|
■
|
B2BUA and Topology Hiding: The device intrinsically supports topology hiding, limiting the amount of topology information displayed to external parties. For example, IP addresses of ITSPs' equipment (e.g. proxies, gateways, and application servers) can be hidden from outside parties. The device's topology hiding is provided by implementing back-to-back user agent (B2BUA) leg routing: |
|
●
|
Strips all incoming SIP Via header fields and creates a new Via value for the outgoing message. |
|
●
|
Each leg has its own Route/Record Route set. |
|
●
|
User-defined manipulation of SIP To, From, and Request-URI host names. |
|
●
|
Generates a new SIP Call-ID header value (different between legs). |
|
●
|
Changes the SIP Contact header and sets it to the device's address. |
|
●
|
Layer-3 topology hiding by modifying source IP address in the SIP IP header. |
|
■
|
SIP normalization: The device supports SIP normalization, whereby the SBC application can overcome interoperability problems between SIP user agents. This is achieved by the following: |
|
●
|
Manipulation of SIP URI user and host parts. |
|
●
|
Connection to ITSP SIP trunks on behalf of an IP-PBX - the device can register and utilize user and password to authenticate for the IP-PBX. |
|
●
|
Routing calls to alternative routes such as the PSTN. |
|
●
|
Routing calls between user agents in the local network using a dynamic database (built according to registrations of SIP user agents). |
|
●
|
IP-to-IP routing translations of SIP, UDP, TCP, TLS (when extensive transcoding is not required). |
|
●
|
Load balancing and redundancy of SIP servers. |
|
●
|
Routing according to Request-URI\Specific IP address\Proxy\FQDN. |
|
●
|
Routing between different Layer-3 networks (e.g., LAN and WAN). |
|
■
|
Load balancing\redundancy of SIP servers. |
|
■
|
SIP URI user and host name manipulations. |