No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The Fine Art of Choosing the Right SBC

"One's philosophy is not best expressed in words; it is expressed in the choices one makes... and the choices we make are ultimately our responsibility."

-Eleanor Roosevelt

-Eleanor Roosevelt

I wear many different hats during the day, but the one that pays most of the bills is that of "The SIP Guy." While I can't take credit for coming up with SIP (that honor goes to Henning Schulzrinne and Mark Handley), I did start working with it early on and co-developed a SIP stack in the very late 1990s. Between then and now, I've written thousands of lines of Java code for a carrier-grade SIP soft switch and authored four patents on SIP-related ideas. Despite the fact that these days I talk about SIP far more than I code it, I make every attempt to stay current and in the thick of things.

As part of my SIP discussions with enterprises large and small, there is one question that nearly always comes up: "Which SBC should I buy?"

I love this question for a number of different reasons. First, it's wonderful when people are aware of the importance of an SBC. Sadly, that's not always the case.

Second, it opens the door for me to talk about all sorts of SIP-related topics. I can start with security, move to reporting, switch gears and talk about disaster recovery, ask about trunks, discuss mobility, get down in the weeds about routing, pontificate on codecs, explain the concept of network address translation (NAT), and conclude with a discussion about quality of service (QoS). Not bad for one piece in the much larger SIP puzzle.

Getting back to the original question, which SBC should you buy?

That's like asking me to pick your next vacation spot. My answer would depend on what kind of person you are and what kind of experiences make you happy. Are you the adventurous sky diving type or would you rather lie in the sun? Do you want to hike mountains or go shopping? Are you looking to pack a parka or a bikini?

Buying an SBC is exactly the same. While every SBC supports the same core set of features, the differences between models can be as great as vacationing in Las Vegas or Cancun.

To help you understand what goes through my head when I work with an enterprise shopping for "the right SBC," here is my list of attributes, concerns, must-have features, and wouldn't it be nice options.

Size Matters
It doesn't make sense to look at an SBC unless it meets your capacity requirements. Every SBC has a maximum number of simultaneous sessions it can support, and once that limit is reached, new connections will be rejected.

Ask yourself what your enterprise's requirements are today and what you expect them to be a year or two into the future. It doesn't make financial sense to buy a 96 session SBC, such as the Sonus SBC 1000, if you know you need 50 sessions today and 97 sessions next year. In fact, it may not even make sense to buy that box if you plan on only running 96 sessions. Personally, I never take anything to its stated maximum. To guarantee performance, it's always a good idea to leave a little head room at the top.

Thankfully, since SBCs start off in the tens of sessions and top off well over 100,000, there is a solution out there that will meet your size needs.

When it comes to mission critical communications, I avoid a single point of failure. Fortunately, many SBCs can be installed in high-availability configurations. This allows two SBCs to logically act as a single entity. One SBC actively processes SIP sessions while the other waits in standby mode. If the active SBC fails, the standby SBC immediately takes over. Active calls are preserved during failover and callers are completely unaware of what happened.

In addition to high availability, I look for platform resilience. By this I mean dual power supplies and multiple fans. Even better, I want them to be hot swappable.

There are cases where high availability and resiliency are not required, but I always ask the questions and make sure that my customers understand the risks of that dreaded single point of failure.

Transcoding converts one codec into another. For example, G.729 may be fine for your contact center agents, but your voice mail system might require G.711. In that case, an SBC can be deployed to manage that conversion.

Some manufacturers implement transcoding in software while others require specialized hardware. Some don't do it at all. In some SBCs, transcoding can reduce the number of active SIP sessions. It's important to factor all this into your decision process.

Real-time communications was slow to go virtual, but these days nearly every SBC manufacturer offers a virtual version of its product. It's important to know that you may not get every feature (such as transcoding) in the virtual version, and the capacity may be significantly less than its appliance-based sister or brother. However, there are many situations where those differences aren't important and a virtual SBC is the right choice.

As a geeky guy who lives for nuts-and-bolts technology, I find licensing to be quite boring. However, this is where most of the cost of an SBC lies. Different vendors license different aspects of their products, but it is safe to say that you will pay for every SIP session and most likely, all the bells and whistles that live outside rudimentary SBC functionality. For example, support for DTMF and RFC 2833/4733 come for free, but SIPREC will cost you.

Thankfully, some vendors are doing very clever things with licensing to help excite nerds like me. For instance, more and more are adopting the concept of a network pool of licenses that can move from SBC to SBC as the need arises. Some vendors also support the concept of disaster recovery licenses that only come into play during an emergency. These DR licenses are typically cheaper than day-to-day session licenses.

You cannot determine the worth of something unless you can measure it. For some enterprises, the level of reporting that an SBC provides can be the make/break decision factor.

SBC reports come in all shapes, sizes, and colors (metaphorically). Starting with call detail recording and taking it all the way to QoS measurements and attempted security breaches, SBCs can deliver enough data to make even the most spreadsheet-happy manager happy. Of course, the differences between vendors and a vendor's particular products can be significant. Determine what you need and make sure that your needs are met before falling in love with an SBC.

SIP Trunks vs. SIP Users
In addition to supporting carrier SIP trunks, an SBC can also be used to extend the reach of your network with remote SIP endpoints. Personally, I use my company's SBC for Windows PC, iPhone, and iPad soft clients. My coworkers do the same with hard phones back at their home offices.

Unlike a VPN that opens up a tunnel into an enterprise's LAN for everything on the remote device, an SBC works at an application level. This means that only SIP clients come into the corporate LAN and everything else (including viruses) stay out.

The biggest concern here is that not all SIP clients are created equal. Some vendors, like Avaya, use Web services and https along with SIP to provide a richer feature set than you can get with vanilla SIP. In this case, it is important that your SBC is able to handle these non-SIP protocols and call flows. The Avaya SBC does and is the recommended product for Avaya endpoints.

When I want to simplify an SBC for a SIP newcomer, I tell them it's essentially a firewall for SIP traffic. While that's clearly a limiting label, SBCs play a very important role in keeping the bad guys out while allowing the good guys to do their jobs.

Through deep packet inspection, anomaly detection, topology hiding, white lists, and black lists, SBCs protect an enterprise from denial of service (DoS) attacks, distributed denial of service (DDos) attacks, registration floods, spoofing, fuzzing, and a number of other malicious assaults.

You would never expose your network to the Internet without a data firewall. The same holds true when it comes to SIP. An SBC allows you to be proactive when it comes to security and communications privacy.

Miscellaneous Bells and Whistles
Last are the odds and ends concerns: Some of these, like JITC certification or SIPREC, may be the driving factors behind a purchase, while several fall into the nice-to-have category.

  • Lync survivability
  • JITC certification
  • IPV4 to IPV6 interworking
  • SIPREC and call forking
  • Network Time Protocol (NTP)
  • NAT and Firewall traversal
  • SIP adaptation
  • WebRTC gateway
  • TLS and SRTP encryption/decryption
  • SIP to H.323 interworking
  • TDM gateway
  • Debugging tools
  • Enterprise Management System (EMS)
  • Policy routing

That's all Folks
Choosing an SBC isn't as complicated as this article may lead you to believe, but neither is it a no-brainer. The important take-away is that you need to lead the discussion with your requirements and your environment. There are a lot of great SBCs out there to choose from, but like vacations, they are not all created equal. What works for me may not work for you and vice versa.

Educate yourself. Prioritize your needs. Ask questions. Only then can you choose wisely.

Andrew Prokop writes about all things unified communications on his popular blog, SIP Adventures.

Follow Andrew Prokop on Twitter and LinkedIn!


Andrew Prokop on LinkedIn