BURLINGTON, Mass. February 5 2008 -- Acme Packet®, a leader in
session border control solutions, today announced its solutions for the
fixed-mobile convergence (FMC) security gateway market with the
introduction of its Net-Net Multiservice Security Gateway (MSG). The
Net-Net MSG securely wires subscribers to their mobile voice and data
services over untrusted hybrid wireline/wireless access networks using
IPsec tunnels. It is configurable as a standalone product to fulfill the
requirements of a 3GPP UMA Security Gateway (SeGW) and a 3GPP I-WLAN
Tunnel Terminating Gateway (TTG). It is also available as a tightly
integrated solution when combined with Acme Packet’s
industry leading Net-Net® session border
controller (SBC). Additionally, Acme Packet introduced its third
hardware platform, the Net-Net 4000 ATCA (Advanced Telecommunications
Computing Architecture) blade, for integrating industry-leading SBC and
MSG functionality in the ATCA chassis of wireless system vendors.

Acme Packet’s new carrier-class Net-Net MSGs are designed to:
- Enable wireless service providers to maximize revenues and minimize
  costs by accelerating fixed-mobile substitution and by enabling
  service and core network convergence.
- Extend service reach to wireless endpoints over untrusted networks—femtocell/WLAN
  access networks and Internet backhaul.
- Provide the secure bridge to rich, interactive, multimedia IMS and
  SIP-based applications accessed over both wireless and fixed networks
  by mobile, residential and enterprise subscribers.

The business goals of wireless service providers to maximize revenues
and reduce costs are driving them to use IP in the delivery of all
services in both their access and core networks. Fixed-mobile
substitution (FMS)—making the wireless phone
the only phone—is well underway. However,
poor radio coverage in many geographic areas and inside buildings has
limited this substitution. Femtocell and WiFi access points increase
radio coverage and reduce costs by tunneling mobile endpoint traffic
across untrusted hybrid wireless and Internet broadband networks. FMC
and the deployment of all-IP 4G radio access networks (RANs) will
ultimately reduce costs by leveraging a single IP-based service
infrastructure for all voice and data services.

In the interim, there are additional revenue opportunities by delivering
enhanced SIP-based services over today’s 3G
RANs. These include video sharing, video calling, push-to-talk, home
monitoring, instant messaging, multimedia collaboration, white-boarding,
international toll bypass and others. The delivery of SIP-based
interactive communication (IC) services over fixed and mobile, trusted
and untrusted networks has proven to require carrier-class, feature-rich
session border controllers. Service delivery over untrusted networks
will additionally require carrier-class, high-capacity, high-performance
security gateways.

“Wireless service providers are rapidly
embracing ways to accelerate fixed-mobile substitution and fixed-mobile
convergence in an effort to create new revenue streams, grow subscriber
bases and cut costs,” said Joe McGarvey,
Principal Analyst with Current Analysis. “To
facilitate this strategy, wireless providers will be deploying 3GPP UMA
and I-WLAN architectures to support dual mode handsets and femtocells to
extend wireless coverage and services in the home and workplace. Acme
Packet's Net-Net MSG introduction is well-timed. Combined with its
proven session border control capabilities, Acme Packet has the right
solutions to enable this endeavor.”

“With the introduction of the Net-Net MSG,
Acme Packet is building upon its success in satisfying the requirements
of tier one service providers delivering both fixed-line and wireless
SIP services,” said Seamus Hourihan, vice
president of marketing and product management at Acme Packet. “Our
Net-Net MSG is a flexible, high-capacity, high-performance security
gateway and, with our integrated SBC functionality, enables the delivery
of SIP/IMS services today and in the future.”

Acme Packet Net-Net Multiservice Security Gateway advantages
Acme Packet’s Net-Net Multiservice Security
Gateway features several significant technical advantages that maximize
system capacity and performance, ensure non-stop service availability,
enable flexible deployment options and minimize costs.

Industry-leading IPsec tunnel system capacity and density
Net-Net MSG configurations are supported on three platforms which scale
from 128,000 to 1 million tunnels per system. These platforms support up
to 256K tunnels per rack unit and over 12 million tunnels per 7 foot
telco rack in high availability system configurations, minimizing
capital and operating expenses.

High performance IPsec processing architecture
Two levels of hardware acceleration enable extremely fast IPsec tunnel
set-up and wirespeed IPsec traffic encryption/decryption without
impacting SIP signaling or media control, or traffic forwarding
performance.

Integrated, hardware-software-based DoS/DDoS protection
Acme Packet’s proven SIP session and layer 3
/ 4 protection capabilities in large tier 1 access SBC deployments have
been extended to defend against IPsec-related attacks and control
overloads.

Carrier-class high availability (HA) support
Acme Packet’s proven, stateful HA
capabilities have been extended to support transparent, “hitless”
failover for IPsec’s IKE Security
Associations and tunnels to ensure uninterrupted service.

Virtualized MSG and SBC functions
Acme Packet’s proven SBC virtualization
capabilities have been extended to support multiple, separate logical
I-WLAN TTG and UMA SeGW functions within a single physical system.
Virtualization enables service providers to use a single system to
support multiple services—I-WLAN and UMA,
residential and enterprise, retail and wholesale, or multiple mobile
virtual network operator (MVNO) customers—minimizing
capital and operating expenses.

Integrated, industry-leading SBC functionality
Acme Packet’s industry-leading SBC
functionality can be integrated with the I-WLAN TTG function, speeding
time to service via proven interoperability and minimizing capital and
operating expenses. Acme Packet supplies unparalleled control for
real-time interactive SIP-based voice, video and multimedia sessions in
five areas—security, service reach
maximization, SLA assurance, revenue and cost optimization and
regulatory compliance.

The function and feature richness of Acme Packet’s
Net-Net MSGs is detailed in the table below. Both Net-Net MSG only
configurations and the integrated TTG-SBC configuration are supported on
the existing Net-Net 4000 and 9000 series systems and the new Net-Net
4000 ATCA blade.

Acme Packet Net-Net 4000 ATCA blade
Acme Packet’s Net-Net 4000 ATCA blade is
designed to be easily integrated by wireless and wireline communication
systems vendors into their ATCA chassis. The blade, consisting of an ATCA
front card and rear transition module, is purpose-built hardware and uses
a design based upon the most widely deployed SBC, Acme Packet’s
Net-Net 4000, that has been upgraded with the latest processing and
memory components including IPsec hardware acceleration modules. The
blade supports all SBC and MSG functions and features available in Acme
Packet’s Net-Net OS to provide the critical
controls for delivering trusted, first class services.

Acme Packet will be attending Mobile World Congress 2008 in Barcelona,
Spain from February 11 - 14, 2008, in Hall 4, Level 7, Room HS31.
Service providers and wireless infrastructure system vendors who are
interested in understanding these new products in more detail should
contact Mike Tate, mobile number +33 (0)6 12 54 66 60, to set up a meeting.

Acme Packet Multiservice Security Gateway functions and features

| Function / feature | UMA SeGW | I-WLAN TTG |
|---|---|---|
| Capacity & performance | | |
| IPsec tunnel capacity from 128K to 1M per system | √ | √ |
| Hardware-accelerated IPsec tunnel set-up | √ | √ |
| Hardware-accelerated IPsec traffic encryption/decryption | √ | √ |
| Authentication | | |
| IPsec IKEv2 tunnel set-up – Diffie Hellman, PFS and pre-shared key | √ | √ |
| DIAMETER/RADIUS server authentication via 3GPP Wm interface, support for EAP-SIM, EAP-AKA, PEAP-MSCHAPv2, EAP-MSCHAPv2, EAP-MD5 | √ | √ |
| 3GPP IMS-AKA for SIP sessions | | √ |
| Diffie Hellman Groups 1, 2, 4 & 5 | √ | √ |
| X.509v3 certificate support | √ | √ |
| Certificate revocation list (CRL) support | √ | √ |
| Multiple root certificate authorities with separate trust chains | √ | √ |
| Encryption and data integrity algorithms | | |
| Encryption - 3DES, AES-CBC (128 & 256 bit), AES-CTR (128 & 256 bit), DES, NULL | √ | √ |
| Data integrity - HMAC-SHA1 and HMAC-MD5 | √ | √ |
| DoS / DDoS protection | | |
| MSG DoS/DDoS self-protection | √ | √ |
| IKE_SA_INIT & IKE_AUTH flood attack protection | √ | √ |
| IMSI, IUEI and USIM awareness / black listing / white listing | √ | √ |
| IKEv2 cookie support | √ | √ |
| Tunnel IP address spoofing protection | √ | √ |
| L3 / L4 attack protection | √ | √ |
| Service reach maximization | | |
| Virtualization – support for multiple logical MSGs in single physical system | √ | √ |
| UDP encapsulation for NAT traversal | √ | √ |
| IP address allocation - via local address pools or RADIUS VSAs | √ | |
| GGSN Gn’ interface - IP address allocation & packet data forwarding | | √ |
| UNC interface | √ | |
| Static IP routing for packet data to separate VLANs or GTP tunnels | √ | √ |
| High availability | | |
| Fast IPsec tunnel resumption | √ | √ |
| RADIUS / DIAMETER authentication server load balancing and overload protection | √ | √ |
| Stateful SA failover for established IKE SAs | √ | √ |
| Management | | |
| Tunnel management - IKEv2 SA re-keying | √ | √ |
| IKEv2 SA event logging | √ | √ |
| Endpoint connectivity detection and tunnel teardown | √ | √ |
| Deletion of tunnels | √ | √ |
| Alarm for exhaustion of GGSN IP address pool | √ | √ |
| Threshold crossing alerts | √ | √ |

Information Source: BUSINESS WIRE