Net-SAFE Architecture: Topology Hiding & SIP Manipulation

Topology hiding is primarily performed by the SBC’s Back-to-Back User Agent (B2BUA) function. Use of the SIP-NAT configuration object or the flexible SIP Manipulation feature provide capabilities to dynamically alter any identifying information pertaining to a customer core network in signaling messages.

SIP Manipulation rules allow the customer to check for a value in any element of any SIP message and take action if a rule matches. Actions include changing a value, deleting an element or parameter, completing a header, or adding a completely new header to the message. Requests can be rejected, and MIME types and bodies can also be manipulated. To provide further topology hiding in the SDP portion of a SIP message, the customer should enable SDP anonymization.

An example of the SIP-NAT feature used for topology hiding is available in the document “520-0005-04 BCP - SIP Access Configuration.” An example of the SIP Manipulation feature used for topology hiding is presented in Section 7 “HMR Bridging” of “520-0038-01 BCP SIP Peering Configuration”.

Configuration of SIP HMR (Header Manipulation Rules) is detailed in SIP Signaling Services” of the ACLI Configuration Guide. Configuration of SDP anonymization is detailed in “Security” of the ACLI Configuration Guide.