Introduction
Mobile Network Operators (MNOs), carriers and enterprises must virtualize Session Border Controllers (SBCs) and deploy them in the cloud to support a new generation of advanced IP communications services. By deploying cloud-based SBCs, these entities can reduce capital and operating expenses, accelerate time to market for new services and gain a new ability to scale services. Deployed at the network border, SBCs cover capabilities such as signaling and media security, service-level agreement (SLA) assurance and regulatory compliance. These capabilities ensure that voice, video and data communications sessions are controlled, managed and
protected at a carrier-grade level. This white paper will explore the benefits, challenges and core functions of cloud-based Session Border Controllers.
Session Border Controller, Defined
A session border controller is a dedicated hardware device or software application that governs the manner in which phone calls are initiated, conducted and terminated on a Voice over Internet Protocol (VoIP) network. Phone calls are referred to as sessions.
An SBC acts a router between the enterprise and carrier service, allowing only authorized sessions to pass through the connection point, or border. The SBC defines and monitors the Quality of Service (QoS) status for all sessions, ensuring that callers can communicate with each other and that emergency calls are delivered correctly and prioritized above all other calls. An SBC can also serve as a firewall for session traffic, applying its own QoS rules and identifying specific incoming threats to the communications environment. For security reasons, session border controllers are likely to be deployed on both the carrier and enterprise sides of the connection.
Session Border Controllers: Traditional Limitations
Traditional session border controllers are implemented on custom platforms or proprietary hardware. Most of these native SBCs use network processors and Digital Signal Processors (DSPs) to support firewall, media processing and transcoding functionality. Scaling is difficult and
expensive with native SBCs. Service providers configure them statically to support a prospective maximum subscriber base size, even though there is no guarantee that the network will grow to this degree. In the Session Border Controller space, standards have been in place for several years that support the separation of the signaling plane from the media plane using H.248 as the control protocol between the signaling border element and the media border element. H.248, also known as Media Gateway Control Protocol (MGCP), or Megaco, is a standard protocol for handling the signaling and session management needed during a multimedia conference. The protocol defines a means of communication between a media gateway, which converts data from the format required for a circuit-switched network to that required for a packet-switched
Cloud-Based Session Border Controllers
Cloud-based or virtualized SBCs support the same capabilities as native SBCs, but can be
deployed on standard high-volume Commercial Off-The-Shelf (COTS) servers. Cloud management platforms enable prepaid wholesale voice terminators, voice carriers / International Long
Distance (ILD), enterprise service providers and mobile / wireless operators to deploy COTS servers from different vendors and orchestrate resources to address the requirements of different applications. This flexibility allows service providers to scale and evolve their SBCs in accordance with subscriber growth, increased usage or fluctuating requirements.
The signaling function in SBCs is highly compute-intensive and is well-suited for implementation on commercial server hardware or in the cloud. Session Border Control in the cloud clearly lies at the intersection of these two important and transformative trends — cloud computing and software-defined networking — and delivers a number of compelling advantages over traditional approaches to Session Border Control.
Challenges with SBC in the Cloud
Historically, network infrastructure elements such as IP routers and Session Border Controllers have been implemented on proprietary hardware platforms. While proprietary hardware may still be the most cost-effective technology for specific types of communications functions, such as the data plane in routers or the secure media encryption / decryption function in SBCs, there is a growing realization that the software-intensive aspects of these network elements, especially the control plane functions, can be handled far more economically by commercial off-the-shelf computing power. Which is not to say that cloud-based Session Border Control is not without its complexities and challenges. Below are common areas of concern that we will examine each in their turn.
Session Border Control belongs at the edge, but the cloud is in the core of the
network.
Current SBCs leverage proprietary hardware to provide the performance and
capacity needed for compute-intensive tasks like encryption and transcoding.
How is that compatible with the commodity servers that make up the cloud?
Most current SBCs do indeed leverage proprietary hardware to accelerate tasks like encryption and transcoding. However, the general purpose processors in commodity servers are constantly improving, and the cost-efficiency advantages of specialized hardware are much smaller today than they were five years ago. Today, commodity servers are expected to support functions like large-scale secure Web access, so their Computer Processing Units (CPUs) implement specialized instructions that speed up encryption. This hardware can be leveraged very successfully to support the security functions of SBCs. Transcoding is one area where specialized hardware may still maintain a cost advantage, so this function might need to be deployed outside the cloud. Having said this, the cost gap between general purpose CPUs and specialized DSPs for
transcoding is getting smaller all the time.
Furthermore, most network operators will want to maximize the percentage of calls that can be completed without transcoding – for obvious cost reasons – so in practice, the need for any supplementary function outside the cloud to perform transcoding may be limited or even non-existent. Decoupled or distributed SBC architectures allow for the separation of transcoding from the rest of SBC function. Hence, there is no difficulty in implementing a hybrid approach whereby all SBC functionality, apart from transcoding, lives in the cloud.
SBCs typically relay media streams, but is that a function that really belongs in
the cloud?
Benefits of Implementing Cloud-Based SBCs
Below is an overview of the many benefits of implementing cloud-based Session Border Control.
Provides Security
Cloud-based SBCs ensure that only those users or devices that are permitted to use the protected core devices are able to do so.
Provides Users with Toll-Quality Quality of Experience
Cloud-based SBCs ensure that external factors, ranging from Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, to failures of both software and hardware, do not have a significant impact on the users of the service being provided.
Enhanced Interoperability
Cloud-based SBCs increase the likelihood that any given subset of connected devices actively engaged in the same session will successfully communicate with each other using whatever signaling and media protocols they natively support.
Normalization
Cloud-based SBCs provide a fixed translation point in the network such that signaling and media traffic on the core side of the SBC conforms to a standard profile that other devices in the core can rely on.
Supports New Services
New potential revenue streams, including instant messaging, presence, Rich Communication Suite (RCS) / Rich Communication Suite-enhanced (RCS-e), and application session control all require support from the SBC.
Conclusion
Panamax Infotech Ltd.
Panamax House, Plot No. 8, Khushman Housing Society,
