Transcript Slide 1

TM
Mediant 1000
Multi Service Business Gateway
Product Presentation
May 2009
© 2006 AudioCodes Ltd.
All rights reserved.
AudioCodes Confidential Proprietary
Presentation Topics
MSBG Concept
Mediant 1000 MSBG
System Overview
MSBG Functionality
and Features
Presentation Topics
MSBG Concept
Mediant 1000 MSBG
System Overview
MSBG Functionality
and Features
Today’s Converged Small-Medium Enterprise
PBX
Corporate
LAN
WAN
Router
PSTN
Firewall
SBC
WAN Access
VoIP
Gateway
Multiple Vendors to deal with
Collection of
Devices
Cumbersome IT staff training
Separate Management methodologies
No distinct demarcation point
High CAPEX
High OPEX
The Solution:
Multi-Service Business Gateway
PBX
Corporate
LAN
WAN
SBC
Router
Firewall
Access
Media
Gateway
3rd Party IP-PBX
on OSN
IP PBX
Corporate
LAN
WAN
AudioCodes MSBG Offer
• Leverages AudioCodes best of bread Media Gateway technology
• Implement Session Border Controller (SBC) based on AudioCodes SBC
technology
• Add full-featured Enterprise-Class LAN Switching, Routing, Advanced QoS,
Firewall and WAN access
• Embedded integration of 3rd party IP-PBX hosted applications
• Enhanced Media Processing functionality
Presentation Topics
MSBG Concept
Mediant 1000 MSBG
System Overview
MSBG Functionality
and Features
Field Proven Design and
Functionality
• Mediant 1000 MSBG inherited the field proven design
of the Mediant 1000
• Reuse of Hardware and Media Gateway software
stack
Mediant 1000 MSBG – Front View (1)
• Scalable and cost-effective , 1U (“pizza-box”) chassis
• All voice modules are hot swappable
• Up to 6 I/O modules for analog and digital PSTN interfaces
• Supports 1, 2, or 4 E1/T1/J1 trunk spans
• Up to 24 analog ports FXS/FXO, each module with up to 4 ports and
up to 6 analog modules
• Up to 20 BRI ports, each module with 4 ports per module, and up to 5
modules per chassis
Hardware Profile – Front View (2)
• Single or Dual AC Power Supply
• CRMX Module with Dual Processors
• Media Processing Modules for IP2IP and Conferencing off loading
Mediant 1000 MSBG – Rear View (1)
• Open Solution Network (OSN) Server for 3rd Party solutions
• Hard Disk
CRMX Module
• The Mediant 1000 MSBG introduces a new RMX module
• Dual Processors
– Processor for Data Networking
– Processor for VoIP services
– Dual processors design is optimized
for best performance
• 3 port 10/100/1000Base-T LAN Switch
• Integrated Mezzanine for various WAN
access interfaces
LAN
Switch
– 10/100/1000Base-T Copper
– Roadmap: 1000BaseSX/LX, T1 and ADSL2+ and SHDSL
WAN
Access
Presentation Topics
MSBG Concept
Mediant 1000 MSBG
System Overview
MSBG Functionality
and Features
MSBG Functionality
LAN
Switching
Data
Routing
Data
Security
MSBG
Media
Gateway
VoIP
SAS
SBC
MSBG Data Functionality
LAN
Switching
Data
Routing
Data
Security
MSBG
Media
Gateway
VoIP
SAS
SBC
MSBG LAN Switching Functionality
•
CRMX supports on-board 3 10/100/1000Base-T LAN switch ports with nonblocking switching performance
•
Port-based VLANs supporting 802.1Q
access and trunk ports
•
Supports 802.1p/ToS/Diffserve QoS
•
High performance lookup engine with support for up to
1024 MAC addresses
MSBG Routing Functionality
•
– OSPFv2 – RFC 2328
Dynamic Host Configuration Protocol
– BGPv4 – RFC 1771, RFC 2858
– DHCP server, DHCP Relay and DHCP
– BGP Extended Community
Client
Attribute for BGP/MPLS VPNs
– DHCP Server supports fixed binding of
– Policy-based Routing (e.g. DSCP-
IP to MAC address
•
based, BGP Policy Routing)
Multiple IP interfaces for LAN/WAN
routing
– IP interfaces assignment to different
VLANs
•
Routing
– Static Routing
– RIPv1 – RFC 1058
– RIPv2 – RFC 2453
•
Network Address translation
•
WAN access via PPPoE, PPTP,
L2TP, DHCP
MSBG Quality of Service Architecture
The
INTERNET
The
ACCESS
The
MSBG
The
LAN
SIP
Server
PBX
Web
Server
Internet
Email
Server
Access
Network
MSBG
Other
CE
802.1p Prioritization
Diffserv – MAC, IP, DSCP/ToS, port and application-based Classification, Marking and Queuing
Traffic Shaping
WAN Rate Limiting
TCP Serialization Reduction
BW Reservation
Class-Based Queuing (CBQ) for VoIP
Prioritization over Data
LAN
WAN
MSBG allows dynamic BW allocation with
automatic ALG SIP VoIP classification and Priority
while keeping WAN fully utilized
WAN Link Throughput
1
Data traffic
consumes
WAN
fractionally
4
2
Data
traffic may
consume
more BW,
while
being
shaped by
MSBG at
MAX WAN
Link
throughput
3
MSBG
polices
Data
traffic due
to higher
priority
VoIP
VoIP
sessions
terminates
freeing
the WAN
for Data
traffic
VoIP
BW is
guaranteed
MSBG Data Security Architecture
The
INTERNET
The
ACCESS
The
MSBG
The
LAN
VPN
Teleworker
Web
Server
Internet
MSBG
Email
Server
SME/SMB
VPN
Router
Other
CE
SPI F.W with ALG
Port Forwarding and DMZ support
for Intranet Servers/Hosts
Web Site Restriction
NAPT/NAT Services
VPN – Site-to-Site(IPSec), Teleworker VPN(PPTP, L2TP, IPSec)
Application Level Gateway (ALG)
•
ALG allows Application Recognition intelligence to feed F.W and QoS functions
for optimized, configuration-free performance:
•
FTP
•
MIRC
•
ICMP
•
AOL IM
•
SQLNet
•
ICQ
•
NETBios
•
Net2Phone
•
TFTP
•
MSFT IM
•
DNS
•
Windows messenger
•
Video
•
Yahoo IM
•
IPSec ESP (IPsec client )
•
IKE
•
Skype
•
–
Quick Time, Real Player
–
H.323
–
Net Meeting
SIP
MSBG Functionality
LAN
Switching
Data
Routing
Data
Security
MSBG
Media
Gateway
VoIP
SAS
SBC
MSBG SIP Media Gateway (1)
•
Uses Mediant 1000 most advanced and mature SIP implementation
•
Latest SIP version, RFC 3261 and IETF drafts
•
RTP and SRTP (with SDP Security – RFC 4568)
•
Lifeline switching in case of power failure and optional PSTN fallback or
alternative routing in case of network failure
– On Analog and Digital interfaces
•
Supports optional Media Processing Module
– Up to 20 conference legs
– Recording, playing and tone detection
AudioCodes SAS
• Continuous VoIP service for IP phones, IP-Centrex and
distributed IP-PBX networks
PSTN
1
4
Enterprise
LAN
2
WAN IP
Network
3
SIP Signaling
Soft Switch Health SIP Check
IP2IP Calls in Emergency Mode
IP to PSTN Calls in Emergency Mode
Soft Switch/
IP-PBX
AudioCodes MSBG SBC (1)
• The MSBG SBC is an intermediate SIP session
controlling entity focused on SME/SMB requirements
• MSBG SBC works in a B2BUA mode
• Controlling SIP Services between Enterprise LAN and
SP WAN networks
• Used for connecting different SIP applications\IP-PBXs
SBC
AudioCodes MSBG SBC (2)
• MSBG SBC Features:
Transcoding and
Mediation
Admission Control
SIP Normalization
NAT Traversal
Survivability
Topology Hiding
DoS Protection
VoIP SPI Firewall
SIP Routing
NAT Traversal (1)
• Basic NAT Traversal (e.g. ITSPs with Globally Unique IP)
– Allowing LAN to WAN VoIP Signaling and Bearer by using two independent
legs
VoIP
VPN
Enterprise
LAN
TDM Transport
MPLS VPN
Backbone
ITSP
Soft Switch
IP PBX
SIP Trunk
NAT Traversal (2)
• Far End Users (FEU) and UA behind a NAT in the WAN
– Managing dynamic DB according to FEU Registrations
– Maintaining remote NAT binding state, by setting frequent
Registration refreshments
• Offloading FEU refresh Registrations from the LAN IP PBX
– First Incoming RTP Packet is used to
overcome bearer NAT Traversal
Enterprise
NAT
1
3
Enterprise
LAN
2
Enterprise
VPN
MPLS VPN
Backbone
FEU registers in MSBG DB
Offloading FAU Registrations from IP PBX
IP PBX
NAT Binding Refresh
FEU
VOIP Firewall and security
• Layer 3 firewall – out of the Data/Routing functionality of the MSBG
• SIP Signaling
– Deep and stateful packet inspection of all SIP Signaling packets
– Each SIP dialog initiation may be accepted\ rejected according to the
values of the incoming SIP message and other layer 3 characteristics
• SIP TLS provides for Authentication as well
– Packets not belonging to a valid SIP dialog are discarded
• RTP
–
–
–
–
Opening pin holes according to offer answer negotiation
Deep packet inspection of all RTP packets
Late rouge detection
Broken connection
• Black / White lists – for both Layer 3 FW and SIP Classification