2 New Features

The S-Cz10.1.0 release of the Oracle Communications Session Border Controller (SBC) software supports the following new features.

Certificate Automation

You can enable the SBC to perform key X.509 certificate related tasks automatically, including certificate renewals. These functions, based on the Certificate Management Protocol (CMP) defined within RFC 4210 and RFC 4211, make the SBC a CMP client, which interacts with a CMP server managed by a Certificate Authority (CA).

This feature requires the Certificate Management Protocol (CMP) entitlement.

See the Certificate Automation topic in the Security chapter of the Configuration Guide for more information.

Hiding Session Updates

You can configure the SBC to simplify call flows by hiding session updates that do not impact the ongoing call flow. Instead of sharing renegotiations with the opposite leg, the SBC responds locally with 200 OK for reINVITE and UPDATE renegotiations. This also ensures that SDP versions and sequence numbers (CSeq) are handled properly.

You configure this on the hsu-policy configuration element on the session-router, then apply hsu-policy to an interface, realm, or session agent.

See the Hiding Session Updates topic in the SIP Signaling Services chapter of the Configuration Guide for more information.

Continuing Calls in Failed REFER Call Transfers when Advanced Media Termination Clients send Music on Hold

In scenarios where Advanced Media Termination clients (such as Microsoft Teams) sending music on hold when referring calls, you can now configure whether the SBC ends the original call automatically when the REFER transfer fails, or lets it continue.

See the Continuing Calls in Failed REFER Call Transfers topic in the SIP Signaling Services chapter of the Configuration Guide for more information.

Custom Diameter ACR AVPs for SIP

When using diameter accounting, you can populate reserved ACR AVPs for SIP calls with SIP headers by using header manipulation rules (HMR). Previously, you could only use HMR with VSAs in RADIUS accounting.

See the Custom Diameter ACR AVPs for SIP topic in the Diameter Accounting chapter of the Accounting Guide for more information.

STIR/SHAKEN Client Updates

The STIR/SHAKEN client has been enhanced as follows:
  • In ATIS deployments, you can configure a list of scenarios for which to bypass STI-AS requests and, optionally, configure a static token to use for bypassed requests.
  • You can reject calls based on the verstat and reasonCode in the STI-VS server response for 200 OK responses in 3GPP deployments. This builds on the existing call rejection functionality.
  • You can configure the following for the STI server heartbeat mechanism:
    • You can now configure the SBC start performing heartbeat checks as soon as the STI server is configured.
    • The heartbeat check can include a dummy identity header.
    • The SBC can verify if the response to the heartbeat check contains valid JSON and specific reason codes before adding the server to the rotation.
  • You can see new statistics for calls that did not trigger STI-AS/VS requests, calls that did but received no response, and calls that bypasses STI-AS/VS.
  • You can monitor CPU usage for the curld process by using the show processes command.

See the STIR/SHAKEN Client chapter of the Configuration Guide for more information about these enhancements.

SAN/CN Validation for TLS SIP Calls

You can now configure the SBC to validate the Subject Alternative Name (SAN) and Common Name (CN) from an incoming TLS certificate against a session agent during the TLS handshake, before SIP data is exchanged, in compliance with RFC 5922, sections 7.3 and 7.4.

See the SAN/CN Validation topic in the Security chapter of the Configuration Guide for more information.

Diameter Manipulation Rule Enhancements

You can now use diameter manipulation rules to copy AVPs at different levels and within different grouped AVPs. Previously, you could only act on AVPs at the same level within the same grouped AVP.

See the Manipulating Grouped AVPs topic in the External Policy Servers chapter of the Configuration Guide for more information.

New Number-Portability-Routing-Information AVP

A new AVP, Number-Portability-Routing-Information (2024), has been introduced. This AVP contains the routing number (rn) received from a mobile number portability (MNP) request and is grouped in the IMS-Information group AVP.

See the Including Number Portability Routing Information in ACRs and CDRs topic in the Diameter Accounting chapter of the Accounting Guide.

CDR Updates for Modem Tone Detection

When modem tone detection is configured and modem tones are detected on a call, the CDR now logs the name, family, and direction of modem tones detected on the call.

See the Accounting for Modem Tone Detection topic in the Transcoding chapter of the Configuration Guide and Accounting Guide for more information.

Real Time Configuration Support for SIPREC

You no longer need to reboot the SBC to apply SIPREC configurations on the session-recording-server configuration element. This helps prevent service disruption when enabling SIPREC on active networks. It is also helpful in HA environments, where you previously had to reboot both standby and active node to apply the configuration.

See the Configuring SIPREC topic in the Selective Call Recording SIPREC chapter of the Call Monitoring Guide for more information about configuring SIPREC.

New Commands for vSBC, vSLB, and PNF Included in show support-info

The show support-info command now includes additional commands to support virtual SBCs, virtual Subscriber-Aware Load Balancers, and PNF platforms.

See the System Support Information for Troubleshooting topic in the Fault Management chapter of the Maintenance and Troubleshooting Guide for a list of all commands included in show support-info.

New Argument for backup-config

You can now use the all argument with the backup-config command to include files for LRT, media playback, fraud protection, SBC Processing Language, and Peak license data (in addition to all other backed up files).

The documentation has also been updated to include the saved argument, and to specify which arguments the standard and non-standard options apply to.

See the backup-config topic in the ACLI Reference Guide for information about the specific directories included in the backup with this new argument.

TLS for Syslog

You can now encrypt syslog messages with TLS as they flow across your network. In syslog-servers configuration element, set the transport-protocol attribute to TLS and set the tls-profile attribute to the name of the TLS profile you want to use.

System Resource Monitoring Enhancements

You can now use the Resource Monitoring feature to monitor utilization for additional resources:
  • Platform-level CPU usage and core memory utilization
  • Application-level CPU usage (for SIPD, MBCD, ATCPD)
  • Application-level file descriptor (FD) usage
  • PAC buffer usage

New statistics, alarms, and MIBs have been added to support these new resources.

See the System Resource Monitoring topic in the System Configuration chapter of the Configuration Guide and the Resource Monitor MIBs section of the Enterprise SNMP GET Requests chapter of the MIB Guide for more information.