1
SIP Trunking
What is SIP Trunking?• Termination of SIP calls directly to Service Provider(s) via IP.
For Session Initiation Protocol (SIP) based IP-PBXs For legacy PBXs with a gateway to SIP.
• Benefits for the Enterprise No need to have local PSTN Gateways on the LAN. No need to pay expensive monthly fees for PRI/BRI lines Flexible growth in # of lines up to the capacity of the link
• No need to invest in more capacity in PSTN Gateways.• No need to add another BRI/PRI just to get one more line.
• Benefits for the Service Provider Able to deliver both data and voice services in same link. More services means lower churn. Compelling and competitive offering.
Ingate SIP Proxy firewall
SIP
Ingate Firewall®
Normal Firewalls
With SIP-Proxy and -Registrar
No Need to Replace your Firewall!
Ingate SIParator®
Ingate SIParator®
DMZ
SIP-enables any firewall
Ports that need to be open: -SIP Signaling port 5060 -Range of UDP/TCP ports
Normal Firewalls
SIP
SIP
Ingate takes care of the Interoperability issues
Service provider Enterprise
SIP Trunk
Ingate SIParator-or-
Ingate Firewall
Confirmed IP-PBX interoperability:
•3Com•Asterisk•Avaya•Broadsoft•Cisco Call Manager•Mitel•Pingtel•SER•Shoretel•Sphere•Swyx•More in pipeline....
SIP Connect compliant
Click herefor more
Technical details
Assumptions Return On Investment Calculations
• Customer have already a SIP compliant IP-PBX
• SIP Trunking + Ingate replaces existing PRI + PSTN Gateway Only additional - not existing PSTN Gateways – are regarded as a cost
• All figures are based on monthly cost Subscriptions are monthly fees. Investment in HW/SW are distributed over 36 months.
• Hardware and Software prices are list prices in Sweden
• The prices are converted from SEK to USD
• Subscription fees are taken from Tele2 (Swedish SP) Offers both TDM and SIP Trunking Same minute rates for calls in both TDM and SIP Trunking The call volume is not meeting the qualifying limit for free PRI.
• 1600 USD per month and PRI
• Prices and currency as of September 2006
Return On Investment 10,6 months
Return On Investment 10,6 months
Investment
PSTN Gwy Vega 50 – 8 lines 2 000 USD
Divided by
ROI example SMBExisting TDM
Internet 2 Mbit 253 USDBRI x 4 – 8 lines 165 USD
Total per month 418 USD
•8 lines with G.711, 80 Kbit/s per line•14 employees, average 64 Kbit/s Internet•Internet overcapacity, only 0,9 Mbit/s used
Replace with SIP Trunk
SIP/Data trunk 2 Mbit 253 USD
Total per month 253 USD
Monthly savings 165 USD
Monthly savings 165 USD
Investment
Ingate Firewall® 1180 900 USDSIP Trunking module 250 USDQoS module 300 USD5 extra traversals 300 USD
Total investment 1 750 USD
+ 250 USD saving on the initial investment
0If new installation!
Internet 2 Mbit/s
TDM 4 x BRI = 512 Kbit/sDedicated
TDM - Waste of Bandwidth
Nu
mb
er
of
calls
Min
Max
Bought capacity
Needed capacity
Da
ta M
bit
/s
Min
Max
•Realtime critical•Peak hour
•Data can often wait!•Often bursty traffic
Wasted bandwidth
Share of time
Share of time
TDM 4 x BRI = 512 Kbit/sDedicated
SIP and
Data Trunk 2 Mbit/s
Convergence – Optimal Bandwidth
Internet 2 Mbit/s
Lowest Peak
TDM - Waste of Bandwidth
Share of time
Share of time
SIP and
Data Trunk 2 Mbit/s
Bought capacity
Needed capacity
Convergence – Optimal Bandwidth
Nu
mb
er
of
calls
Mb
it/s
0
2
1
8
0
16
25
Flexibility to use extra capacity
Data uses free capacity with the help of QoS settings
Vo
IP Dat
a
Return On Investment 5,3 months
Return On Investment 5,3 months
Investment
2 x Cisco 2811 – 60 lines 21 290 USD
Investment
Ingate Firewall® 1450 3 390 USDSIP Trunking module 500 USDQoS module 810 USD25 extra traversals 1 400 USD
Total investment 6100 USD
Divided by
ROI example EnterpriseExisting TDM
Internet 100 Mbit/s1 1 600 USD4 x PRI – 30 lines2 1 147 USD
Total per month 2 747 USD
Replace with SIP Trunk
SIP/Data trunk 100 Mbit/s1 1 600 USD
Total per month 1 600 USD
Monthly savings 1 147 USD
Monthly savings 1 147 USD
+15 190 USD saving on the initial investment
All figures based on Swedish operator Tele 2 offering September 2006
0
Not good enough?
Please WAIT!
•550 employees, average 40 Kbit/s data•That is 22 Mbit/s for data 1) More economical with one 100 Mbit/s than 2x20
•110 lines with G.711, 80 Kbit/s per line 2) More economical with 4xPRI than 3xPRI + 10xBRI
If new installation!
0
500
1 000
1 500
2 000
2 500
3 000
3 500
4 000
4 500
5 000
110 120 130 140 150 160 170 180 190 200 210 220 230 240
Growth in number of lines
Mo
nth
ly c
ost
US
D
What about growth in lines?
SIP Trunk
TDM
All figures based on Swedish operator Tele 2 offering September 2006
WAIT!
All investments distributedover 36 month.
More Invest. ac #
Cisco 2811
2811 +30 lines
Upgrade to 45+
10 Traversals
Subscr. ac #
PRI
Internet 100 M
SIP/Data 100 M
1
4
1
1
1
1
2
5
4
6
2
6 8
7
1
9
8
2
1113
Growth this much over 3 years costs 65.845 USDmore with TDM
14
Use the SIP Trunk flexibility and QoS to handle peaks
What about line utilization?
0
5
10
15
20
25
30
35
08.0
009
.00
10.0
011
.00
12.0
013
.00
14.0
015
.00
16.0
017
.00
18.0
0
Time of day
Co
ncu
rren
t ca
lls
Needed
TDM Dim
SIP Dim
WAIT!
Allows the useof cheaper SIParator
What about branch offices?The TDM way
Centralized PRI Trunks
HQ
Service Provider
PSTN
WAIT!
The SIP Trunking way
VPN to HQ PSTN Gateways
HQ
SIP & Data trunk from each office
Exactely the capacity you need when you need it!
Single pointof failure
Heavy Load
PBX
PBX
PBX PBX PBXPBX
PBX
PBX
PBXPBX
What if.............
• You could use codecs with compression ?• You could get cheaper minutes from SIP SP ?• You could support remote users ?
Transfering x% of your mobile calls to VoIP calls• For remote users with PCs and softphone SIP clients.• For remote users with dual handsets WiFI/SIP and mobile.
• Terminating calls at the most cost effective operator Terminate calls directly in the destination country
• Global calls to local fees.
• Improve communication and collaboration with Video, IM, Precense, File sharing, Filetransfer etc
WAIT!
We have been very conservative in the ROI calculations!
What would the ROI then be ?
+81+1+33DMZ
SIP-unaware Firewall
IP-PBX
Connect to multiple Service Providers
Swedish office
Service ProviderJapan
Service ProviderFrance
Service Provider BUSA
PSTN
PSTNPSTNPSTN
IngateSIParator®
SIP TrunkingModule
Swedish Office
Service Provider AUSA
•Authentication•Least cost routing•Fail over to secondary
Authentication with Service Providers
• TLS Authentication with SP Prevent unauthorized use of your SIP Trunk
• Register the Ingate box at single user accounts Let all users use the single user account service
for outgoing calls. Useful for example as a low cost back-up “SIP Trunk”.
Call From: 603 883 6045Call From: 603 883 5003
Different Service levels for different users
DMZ
SIP-unaware FirewallIP-PBX
PSTNPSTN
IngateSIParator®
SIP TrunkingModule
Service Provider BService
Provider A
Call Center
Back Office
603 883 6000 to 603 883 6900Numbers: 603 883 5000 to 603 883 5040
Call to: +1-972-678-0464
ENUM
Call to: +1-603 883 6569DMZSIP-unaware
FirewallIP-PBX
PSTN
IngateSIParator®
SIP TrunkingModule
IP-clients and IP-PBXs +1-972-678-0464
+1-603 883 6569SIP: [email protected]
ENUM
Any entry for:4.6.4.0.8.7.6.2.7.9.1.e164.arpa ?
Yes:[email protected] No !
Service Provider
Any entry for:9.6.5.6.3.8.8.3.0.6.1.e164.arpa ?
ENUM emulates the DNS hierarchy by reversing the phone number including the country code with a dot between each digit and adding “e164.arpa” as the top domain. x.x.x.x.x.x.x.x.e164.arpa
Top domain for US is 1.e164.arpa
Now you dare to connect over Internet
• The basic architecture of all Ingate products is an enterprise firewall.
• SIP specific Security features includes Topology hiding of private IP addresses information Validation of the SIP signalling with strict SIP parser
• Prevents admission of malformed and possibly malicious packets Dynamically open media ports
• Only for the duration of the session• Only between the parties of the call
Termination, transcoding and pass-through of TLS (signaling) and SRTP (media)
• To encrypt some or all sessions to insure privacy. Extensive SIP filtering Extensive SIP logging
The Ingate family
Firewall® 1180&
SIParator® 18
Firewall® 1900&
SIParator® 90
30 Calls*30 Mbit/s
Firewall® 1450&
SIParator®45
Firewall® 1450+&
SIParator®45+
150 Calls*120 Mbit/s
240 Calls*310 Mbit/s
1 500 Calls*2 600 Mbit/s
Possible to
SW upgrade500 Calls*385 Mbit/s
Firewall® 1600&
SIParator® 60
*) Calls = Concurrent RTP Sessions
The function of Ingate SIP ProxyIngate SIP Proxy
SIP Proxy/Registrar
SIP Signaling 10.x.xx168.x.xx
1.Check the SIP signaling, packet inspection-Full flexibility to handle future threats
2.Rewrite for the different address spaces
3.Forward the signaling to the correct SIP proxy or client
4.Open ports (UDP/TCP) in the firewall for the media-Only for the duration of the call
-Only between the exact endpoints 5.Media flows through the ports
Media
6.Close ports after the call
Ingate SIP Trunking module solves this problem !What if the Service Provider can’t handle domains ?
Most Service Providers can’t handle domain names
IP-PBX
Ingate SIParator®
PSTN Gwy
Service Provider
PSTN
IP 10.500.10.13 IP 168.105.45.19
IP 168.203.30.11DMZ
603-883-6569
IP 10.200.10.16
withSIP Trunking Module [email protected] 10.200.10.16
972-678-0464 SIP-unaware Firewall
With domain name, no problem !Can only address the known public IP-address of the SIParator.
Rewrites the domain part
DNS record pbx.ingate.com resolves to IP 168.105.45.19
DNS overridepbx.ingate.com 10.200.10.16
WithoutSupport for OPWithSupport for OP
[email protected] Default Gwy: 10.500.10.11 Outb. Proxy: -
[email protected] Default Gwy: 10.500.10.11 Outb. Proxy: -
[email protected] Default Gwy: 10.500.10.11 Outb. Proxy: 10.500.10.13
603-883-6569
Many IP-PBXs can’t handle outbound Proxy
SIP-unaware Firewall
IP-PBX
Ingate SIParator®
PSTN Gwy
Service Provider
PSTN
IP 10.200.10.16
Outbound ProxyIP 10.500.10.13 IP 168.105.45.19
IP 168.203.30.11DMZ
Default GatewayIP 10.200.10.11
with
IP-packets to destinations outside the logical network is sent to the Default Gateway for routing.
Outbound Proxy is the equivalence to Default Gateway, but for SIP.
972-678-0464
SIP Trunking Module
Configure IP-PBX to ”pretend” that Ingate is the Service Provider
Rewrites the domain part
Click hereto go back
Top Related