AVAYA DOCUMENTATION CENTER
Find answers to your technical questions and learn how to use our products
Avaya Session Border Controller Overview and Specification
Deployment modes
Avaya SBC devices can be deployed with or without Transport Layer Security (TLS) or Secure Real-Time Transport Protocol (SRTP) encryption.
Regardless of the deployment scenario, Avaya SBC offers complete flexibility and intuitive configuration. These products do not require any management on the endpoints in addition to what is necessary to enable TLS, SRTP, and digest authentication.
Two-wire deployment
The two-wire topology, also referred to as inline, is the simplest and most basic deployment. Avaya SBC is positioned at the edge of the network in the DMZ. Avaya SBC is directly inline with the call servers, and protects the enterprise network against all inadvertent and malicious intrusions and attacks.
In this configuration, the Avaya SBC performs border access control functionality such as internal and external Firewall or Network Address Translation (FW/NAT) traversal, access management and control. These functions are based on domain policies that the user can configure, and intrusion functionality to protect against DoS, spoofing, stealth attacks, and voice SPAM.
The two-wire Avaya SBC deployment enables TLS encryption of the signaling traffic and SRTP encryption of the media traffic.
One-wire deployment
With the one-wire deployment, also referred to as the screened subnet, the Avaya SBC is deployed in the enterprise DMZ, but not directly inline with the enterprise call servers. The Avaya SBC is in the direct signaling path, uses a single Ethernet interface, and is the next hop for SIP traffic.
