The Signaling element is the primary call signaling protection subsystem. The Signaling element is typically deployed at the edge of the network, in the DMZ. Functioning as a proxy, the Signaling element accounts for less than 2 ms of the end-to-end latency budget.

The Signaling element provides the following features:

• Inline signaling decryption and secure key management through TCP and TLS support

• Enhanced SIP validation through source limiting, policy enforcement, and DDoS detection

  • NAT/FW traversal

  • SIP network protection

  • SIP trunk and encrypted voice extranet protection

  • Protocol anomaly detection and prevention

  • SIP source limiting

  • DoS and DDoS attack detection and prevention, such as teardrop attacks and IP sweep attacks

  • Message sequence anomaly detection and prevention

  • Continuous user behavior learning

  • Bypass for all non-SIP traffic including ARP, DNS, ICMP, Simple Traversal of UDP through NAT (STUN), and Traversal Using Relay NAT (TURN)

  • Domain-based policy filtering based upon user-definable call source and destination criteria

  • Behavior anomaly detection

• Spoofing and machine-generated call detection (MCD)

• Alarm generation and incident reporting to the Avaya SBC intelligence functional element

This entity also provides the configuration information to the remote endpoints. The Signaling element uses http or https to send the Personal Profile Manager (PPM) information to the phone.