Product specifications
Dialogic® BorderNet™ 4000 SBC Product Description Document
24
IPsec Encapsulating Security Payload (ESP). In the ESP mode, IP packets are encrypted.
The BorderNet 4000 SBC also supports manual keying as well as IKE v1 and IKE v2.
The BorderNet 4000 SBC IPsec implementation is highly scalable and leverages built-in
hardware encryption network processors included with the Network Interface Cards (NIC).
TLS Support
The BorderNet 4000 SBC supports Transport Layer Security (TLS) for securing SIP signaling
messages.
Malicious Behavior Handling
The BorderNet 4000 SBC checks all signaling messages and protects against malicious
behavior by a peer, including:
• High rate of invalid packets
• High message rate
• High call/session establishment rate
If the behavior persists, an alarm is generated and the peer is dynamically black-listed.
Call Admission Control (Session Constraints)
Call Admission Control protects the infrastructure against excessive traffic from remote
entities in real time. The BorderNet 4000 SBC implements Call Admission Control by:
• limiting call attempts per second
• limiting total media bandwidth (in kbps)
• limiting the number of concurrent sessions per customer or per supplier or vendor
These limits are set at peer level to control a single IP address or a group of IP addresses.
Note: The BorderNet 4000 SBC limits the total number of call attempts per second that are
sent to other networks. This protects the soft switch and other core components from
congestion.
Calls can also be manually disconnected through the BorderNet 4000 SBC WebUI.
HTTP Security
The BorderNet 4000 SBC supports integrated web-based management, uses TLS for secure
communication, and supports advanced user management and advanced authentication.
Only authorized client requests from pre-configured addresses in the ACL are allowed to
manage the BorderNet 4000 SBC via HTTP. Unauthorized packets are dropped.