DC-SBC Architecture

Home » Products » Networking Protocols » Products » VoIP/IMS Solutions » DC-SBC » Product Architecture
NETWORKING PROTOCOLS
Products
Solutions
Resources
Data Connection Difference

The simplified block diagram below shows the basic software architecture of DC-SBC, Data Connection's Session Border Controller.

DC-SBC - architecture and interfaces

For an overview of Data Connection's Session Border Controller software and its features, see DC-SBC Product Overview.


Components

As described in Introduction to Session Border Controllers, a Session Border Controller is divided into two logically distinct components. In the above architecture diagram, the components shown within the shaded boxes form the core portable Session Border Controller components.

DC-SIG

DC-SIG is a VoIP signaling-aware entity that performs Call Admission Control (CAC) and Denial of Service (DoS) detection and prevention on all calls being signaled into the network. It uses an extensible policy engine to decide whether particular calls should be admitted, and communicates with DC-MEDIA to reserve network resources for admitted calls, and to open pinholes for the call media in the firewall.

DC-MEDIA

DC-MEDIA is a firewall, NAT and media proxy. Its function is to take untrusted media flows from an external network, condition and police them, and forward them into an internal network. It is controlled by DC-SIG. It guarantees network resources for the media of authorized calls, prevents unauthorized media from gaining access to the network, and performs per-call traffic conditioning and policing to ensure that the resources consumed by any particular call do not exceed the limits imposed by DC-SIG.


Distribution

Data Connection's Session Border Controller architecture is highly flexible. The DC-SIG and DC-MEDIA components may be deployed on the same machine (which is referred to as a single-box SBC) or distributed across separate machines (a dual-box SBC). In addition each component may be deployed across multiple line cards or processors in a single system.

Single-box Session Border Controllers are less complex, easier to make, and easier to configure and deploy, but less scalable than dual-box Session Border Controllers. Dual-box Session Border Controllers have the advantage that a single SBC-SIG box can manage multiple SBC-MEDIA boxes, but this diminishes the effectiveness with which the SBC-SIG can defend against DoS attacks and other spikes in network activity.

For more details of single- and dual-box Session Border Controller deployments, refer to Data Connection's Session Border Controller White Paper.


Related links:

   

For more information about Data Connection's Session Border Controller product and expertise contact dcsbc@dataconnection.com.