Access (UNI) Scenarios

The Access, or User Network Interface (UNI), refers to the service control interface between the user devices and the transport network (core network), and connects subscribers to their immediate service provider. SBC acts as an Access SBC to protect a core/server from a range of individual devices which must communicate through the SBC to achieve connectivity and service to the core network.

As a guardian of the UNI interface, the SBC:

• Protects the internal resources of the core network (example Application Server) from malicious attacks and genuine but high traffic levels.
• Acts as B2B UA to bridge/bond the ingress/egress SIP sessions while maintaining distinct networks at the lower layers.
• Participates in authentication to ensure only approved and well behaved subscribers/UEs achieve service.
• Provides facilities for protocol repair and adaptation.
• Protects against DoS (Denial of Service attacks).
• Polices/enforces bandwidth and resource utilization.
• Facilitates NAT traversal.
• Routes UE registration request to an appropriate AS.
• Provides encryption services.

A Service Provider can use multiple SBC platforms to guard its borders against User Equipment (UE) that commonly resides in untrusted public and private networks. For a UE to access a service provider’s network, it must first meet SBC security criteria before being allowed to pass traffic through the SBC and on to the service provider network. As long as the SBC address is preconfigured on the UE, whenever a request originates from the SBC, traffic passes seamlessly through the configured SBC.

Access - (UNI) Deployment