Introduce SIP into the Operator Network with NO PainDavid Aviv, Vice-President, Advanced Services, Radware

3

Today’s Agenda

• The Role of SIP ADC• Scale the SIP Applications Tier• Scale the Border Tier• Scale and simplify the Core

4

The Need for SIP ADC

• The NG environment is heterogeneous & diversified – solutions do not

come “out-of-box”

• Carriers often require rapid deployment of new services to be successful

SIP ADC is required to ensure reliable, scalable, fast and secure deployment (as is needed for web applications)

SIP ADC factors out these capabilities to one SIP-enabled network component, simplifying the architecture, operations and development

5

The Role of SIP Application Delivery Controller (ADC)

PSTN

Internet

SP Cloud

SIP ADC

6

ITU-OCAF Recommendation for Load-Balancing of SIP-aware Devices

OCAF – Open Communication Architecture ForumCGOE – Carrier Grade Open Environment (Rec. Y.CGOE)

SIP ADC

7

What is a SIP ADC ?

IP level LB

Security (Hardening)

Acceleration

SIP Stateless Proxy

Rule-Based Configuration

SIP level LB

ClassicADC

8

What Does SIP ADC Factor Out?

IP level LB

Security (Hardening)

Acceleration

SIP Stateless Proxy

Rule-Based Configuration

SIP level LB

• TLS/TCP offload• TCP proxy: - Connection mgmt: aliasing, reuse - Splitting/multiplexing

• Connection Access Control• SIP attack anomalies• SIP vulnerabilities

• SIP multi-parameter persistency (conditions-based) for in/outbound calls • SIP level health monitoring

• Header modifications• Rule based routing• Transport conversion• Global service virtualization• NAT/FW traversal

•‘Out-of-the-box’ configurable capabilities for scalable, fast reliable implementation• Simplified installation and/or integration

9

Role of ADC in the Pre-IMS/IMS Architecture

SIP ADC

SIP ADCSIP ADC

SIP ADC

SIP ADC

Example 1

Example 3

Example 2

10

Ex 1: Scale the SIP Application Tier

SIP based Application 1 Farm

SIP based Application 2 Farm

Farm 1VIP

Farm 2VIPSIP Level

HMM

Invite App 1

Invite App 2

0-Minute DDoS& Anomalies

SIP LevelFloods , Anomalies & Vulnerabilities

IP level LB

Security (Hardening)

Acceleration

SIP Stateless Proxy

Rule-based Configuration

SIP level LB

Multi-Parameter Persistency(conditions-based) - For ingress/egress calls - Application specific

SIP ADC

11

Ex 2: SIP Border Bottlenecks

UDP

G.711

IP

TCP

G.723

TLS

G.729

IP IPBX - SIP Trunking

SBC Farm

New requirements at the network border lead to a new eco’-system

G.711

G.723

G.729

G.711

G.723

G.729

G.711

G.723

G.729

SIP Peering

SBC Overloaded: - SBC Cluster LB - TLS/TCP/UDP Conversion - Real-time X-Coding, call distribution changes ROI/Usage Issues - Need dynamic resource usage adaptation - Need ‘pay as you grow’ model

12

UDP

G.711

IP

TCP

G.723

TLS

G.729

IPSIP Peering IPBX - SIP

Trunking

SBC Farm

Real-Time X-coding farm

B2BUA HMM Resources Monitoring

On-demandcodecs

G.711

G.723

G.729

SBC Farm offloaded- Common codec - Transcoding

G.711 G.711 G.711

0-Minute DDoS& Anomalies

Scale the Border: On-demand Resources

Network Public Peering/Trunking Addresses

SIP ADC

FarmVIP

13

The Role of SIP ADC @ the Border – Call Flows

UDP

G.711

IP

TCP

G.723

TLS

G.729

IPSIP Peering IPBX - SIP

Trunking

SBC Farm

Real-Time X-coding farm

B2BUA

FarmVIP

G.711 G.711 G.711G.711

G.723

G.729

Invite G723

Invite G711

Invite G711,G723,G729

Invite G711/TLS

Load balance the SBC resources - TLS/UDP conversion

For outbound calls - Offer additional codecs upon DTG, SDP,…

Redirect to external codec pools

Scales as higher numbers of calls require: X-Coding, Transport conversion

SIP ADC

FarmVIP

14

Ex 3: Scale and Simplify The Core Example for Outbound Call Flows (Off-Net)

PSTNSBC IAD

302 Redirect to list:1,2,3

Re-Invite to 1

400 BusyRe-Invite to 2

Media (RTP)

B2BUA or Proxy

C5 C4 RouteEngine

TGW

Soft Switch

TDM

Invite

SIP SLB

Original flow

200 OK

SIP ADC

FarmVIP’s