Session border controller: Difference between revisions
imported>Howard C. Berkowitz No edit summary |
John Leach (talk | contribs) m (Text replacement - "{{subpages}}" to "{{PropDel}}<br><br>{{subpages}}") |
||
Line 1: | Line 1: | ||
{{subpages}} | {{PropDel}}<br><br>{{subpages}} | ||
A '''session border controller (SBC)''' is a [[computer network]]ing device that provide [[firewall]] and [[proxy services]] principally for [[Voice over Internet Protocol]] and other applications that make use of [[Internet Protocol Suite]] protocols with characteristics of the OSI Session Layer. This had not been a requirement, because IP-oriented session protocols, such as [[Remote Procedure Call]] (RPC), for example, tended to be client-server on a LAN but did not go outside the local, trusted network. That RPC used a variable range of UDP port numbers was not an issue for firewalls, because the traffic did not go through a firewall. | A '''session border controller (SBC)''' is a [[computer network]]ing device that provide [[firewall]] and [[proxy services]] principally for [[Voice over Internet Protocol]] and other applications that make use of [[Internet Protocol Suite]] protocols with characteristics of the OSI Session Layer. This had not been a requirement, because IP-oriented session protocols, such as [[Remote Procedure Call]] (RPC), for example, tended to be client-server on a LAN but did not go outside the local, trusted network. That RPC used a variable range of UDP port numbers was not an issue for firewalls, because the traffic did not go through a firewall. | ||
Latest revision as of 04:48, 8 April 2024
This article may be deleted soon. | ||
---|---|---|
A session border controller (SBC) is a computer networking device that provide firewall and proxy services principally for Voice over Internet Protocol and other applications that make use of Internet Protocol Suite protocols with characteristics of the OSI Session Layer. This had not been a requirement, because IP-oriented session protocols, such as Remote Procedure Call (RPC), for example, tended to be client-server on a LAN but did not go outside the local, trusted network. That RPC used a variable range of UDP port numbers was not an issue for firewalls, because the traffic did not go through a firewall. This is changing with the widespread use of Session Initiation Protocol (SIP) for VoIP, where SIP may need to traverse a firewall-like function. Conventional firewalls make assumptions about port numbers, but SIP uses a dynamic range. SIP is the dominant protocol found inside the local multimedia border, although it rapidly is becoming the outside standard. In older VoIP installations, one might find H.323 or MEGACO/MGCP. The IETF has defined the Session Peering for Multimedia Interconnect (SPEERMINT) architecture in which they can operate.[1] Between those two session termination points, depending on the particular SBC, quite a number of things can happen. There can be deep packet inspection for security or accounting. If the particular codec being used to packetize information on the inside is different than the one expected from the outside (e.g., high-bandwidth G.711 versus low-bandwidth G.729A), the SBC can convert — "transcode" -- although it is always advisable to avoid transcoding. Transcoding adds delay and may decrease quality. Encrypted voice is a problem unless the SBC is trusted to encrypt, examine plaintext, and encrypt in a new cryptosystem. An intelligent SBC, in the right topology, can considerably speed the processing of calls in the same part of the IP network, using a technique called hairpinning.[2] References
|