Acme Packet’s multiservice security gateway (MSG), the Net-Net Security Gateway (SG), enables fixed-mobile substitution (FMS) and convergence (FMC) by securing the delivery of voice and data services over untrusted Internet and WiFi networks to femtocells and dual-mode endpoints. The Net-Net SG configuration is supported on our hardware platforms—the Net-Net 4000 and 9000 series systems, and the Net-Net 4000 ATCA blade. It leverages our Net-Net OS software platform to offer industry-leading security gateway capabilities in terms of architectural flexibility, capacity, performance, functionality, carrier-class availability and manageability.
MSG architectural flexibility - The Net-Net SG supports two distinct functions for securing voice and data services using IPsec tunnels over untrusted networks:
3GPP I-WLAN Tunnel Terminating Gateway (TTG) - for securing SIP interactive communications and packet data services
3GPP UMA Security Gateway (SeGW) - for securing GSM voice services and packet data services
Integrated, industry-leading SBC functionality - Acme Packet’s industry-leading SBC functionality can be integrated with the I-WLAN TTG, speeding time to service via proven interoperability while minimizing capital and operating expenses. Acme Packet supplies unparalleled control for real-time interactive SIP-based voice, video and multimedia sessions in five areas—security, service reach maximization, SLA assurance, revenue and cost optimization, and regulatory compliance.
Industry-leading IPsec tunnel system capacity and density - Three platforms scale from 128 thousand to 1 million tunnels per system. These platforms support up to 256 thousand tunnels per rack unit and over 12 million tunnels per 7-foot telco rack in high availability system configurations, minimizing capital and operating expenses.
High performance IPsec processing architecture - Two levels of hardware acceleration enable extremely fast IPsec tunnel set-up and wire speed IPsec traffic encryption/decryption without impacting traffic forwarding performance or, in integrated SBC configurations, SIP signaling and media control.
Integrated, hardware-software-based DoS/DDoS protection - Dynamic self-protection defends the Net-Net SG against layer 3 / 4 and IPsec-related attacks and overloads.
Carrier-class high availability (HA) – Check-pointing of Internet Key Exchange (IKE) security associations, as well as the maintenance of tunnel and configuration state ensures transparent, “hitless” failover for uninterrupted service.
Virtualized MSG and SBC functions – Supports multiple, separate logical I-WLAN TTG and UMA SeGW functions within a single physical system; virtualization enables service providers to use a single system to support multiple services—I-WLAN and UMA, residential and enterprise, retail and wholesale, or multiple mobile virtual network operator (MVNO) customers—minimizing capital and operating expenses.
Management – Acme Packet Net-Net EMS, CLI, telnet, FTP, XML, RADIUS, SNMP and syslog
MSG functions and features
京公網(wǎng)安備 11010502049343號