Cisco Unified Border Element Version 14 Data Sheet

Data Sheet

Available Languages

Download Options

  • PDF     (463.3 KB)
    View with Adobe Reader on a variety of devices
Updated:July 6, 2022

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF     (463.3 KB)
    View with Adobe Reader on a variety of devices
Updated:July 6, 2022
 

 

Product overview

Part of the Cisco® Collaboration Edge Architecture, Cisco Unified Border Element (CUBE) version 14 is an enterprise-class Session Border Controller (SBC) solution that makes it possible to connect and interwork large, midsize, and small business unified communications networks with public and private IP communication services.

As a licensed feature set of Cisco IOS® XE Software, CUBE has a wide range of capabilities that may be used to secure, monitor, and maintain business-critical connections and to ensure compliance with industry standards. Collectively, CUBE features provide exceptional flexibility when architecting highly available enterprise communications networks that save money and offer richer voice and video collaboration experiences to users.

Comprehensive interworking

As voice, video, and mobile communications systems converge to form more cost-effective, integrated collaboration solutions, the need to interwork diverse networks based on various protocols and security requirements increases. The CUBE SBC serves a critical role in linking these networks and provides a seamless experience for voice and video users.

CUBE is especially suited to facilitating:

      PSTN interconnect using Internet service provider SIP trunks, which allow rapid service delivery and the possibility of capacity pooling across locations.

      Migration from TDM to SIP public telephony trunk services. As a number of Cisco routers allow the concurrent use of voice gateway and CUBE features, a phased trunk migration is possible without requiring changes to the enterprise call control platform.

      Certified connection to Cisco and third-party cloud collaboration services, including Cisco Webex® Cloud Connected Audio (CCA and CCA-SP), Webex Calling Local Gateway, Cisco Hosted Collaboration Solution (HCS) and Direct Routing for Microsoft Phone System (Microsoft Teams), with normalization to customer collaboration systems. CUBE supports high-capacity SIP media connectivity to the Cisco Webex cloud to replace expensive TDM audio connections to conferencing services.

      Business-to-business voice and video system interconnect.

      Multi-tenant solutions that require customer-dedicated SIP trunks on a common platform.

      Codec interworking through the control of midcall codec renegotiation or transcoding.

Note:      Cisco Unified Communications Manager customers requiring business-to-business video features should use Cisco Expressway.

As CUBE terminates and re-originates signaling and media traffic, it is able to provide a secure demarcation between internal and external services, while interworking signaling protocols and encoded media streams between them. Further, CUBE provides a rich set of flexible session control features to secure and route traffic to different destinations and to apply policing and Quality-of-Service (QoS) policies.

Certain CUBE features may also be used with Cisco Communications Manager Express (CME) and Unified Survivable Remote Site Telephony (SRST) applications to connect with SIP trunk services.

Security and compliance

As networks become more interconnected, the need to secure information is of critical importance. Enterprises must comply with rapidly evolving industry standards for the proper handling and protection of sensitive and private information and for the proper auditing of commercial transactions. The comprehensive CUBE SBC feature set helps businesses achieve these requirements with:

      Flexible security rules that prohibit unauthorized connections.

      Behavior evaluation policies that can detect malicious call patterns, including Telephony Denial-of-Service (TDoS) attacks, and invoke an appropriate response – such as terminate, redirect, or record.

      Interworking of encrypted and non-encrypted communication streams.

      Replication of media streams for call recording solutions using either SIPREC or HTTP API.

Cloud communications services

Cloud call control products offer simple-to-provision-and-manage services. However, by their very nature, these services place a greater dependency on the wide-area connections required at customer sites. While additional bandwidth and redundant connectivity can mitigate this requirement, service providers can also use CUBE lineside features to ensure continued service delivery.

      CUBE registration proxy can manage periodic messaging from Cisco Multiplatform Phones (MPP) or third-party SIP endpoints, reducing demand on wide-area connections and permitting larger deployments of endpoints.

      Lineside survivability provides business continuity to SIP phones on a customer site should connectivity to the cloud service be interrupted.

Note:      CUBE lineside features are offered for use with SIP-based, IP Centrex solutions (such as Cisco BroadCloud®). They cannot be used with Cisco Unified Communications Manager, where Expressway and Unified Survivable Remote Site Telephony products should be considered.

Contact center solutions

CUBE offers numerous features that may be used to architect and optimize fully featured contact center solutions. Examples include:

      Call Progress Analysis (CPA) for outbound calling campaigns

      Interactive Voice Response (IVR) solutions

      Media replication for call recording and analysis

Flexibility, Reliability, and Scale

Cisco offers industry-leading flexibility when it comes to deploying SBC functionality in almost any enterprise architecture. As CUBE is offered as part of Cisco IOS XE Software, it may be used concurrently with industry-leading IP networking, security, and QoS features. You can also choose from a wide range of host platforms to suit scale, performance, resiliency, and budget requirements (see Table 2). From IOS XE 17.7.1a, CUBE may be deployed in Cisco SD-WAN solutions.

In addition to physical hosts from Cisco Integrated Services Router (ISR), Cisco Catalyst®Edge Router and Aggregation Services Router (ASR) product families, CUBE features are available for virtualized environments with the Cisco Cloud Services Router (CSR) and Catalyst Edge Software.

Stateful high availability with active/standby redundant pairs and clustering with Cisco Unified SIP Proxy allows enterprises to build highly scalable, business-critical solutions.

CUBE licensing models

The CUBE features described above are licensed to enable three principal use models:

      Trunking for service interconnect and protocol interworking. Trunk licenses are available for both standard (single node) and enhanced (high-availability and advanced features) network architectures to facilitate site-to-site and PSTN connectivity. Each trunk license enables a single call session in addition to a single forked media session for recording where required.

      Lineside to enhance the delivery of hosted SIP communications services. Previously only available for the Cisco 800 Series Routers through the NanoCUBE license, CUBE Lineside client licenses are now available for all platforms listed in Table 2. Each Lineside license enables registration proxy and survivability features for one local SIP endpoint.

      Media Proxy for advanced call recording and compliance solutions. Deployed independently from CUBE platforms configured for trunkside or lineside applications, CUBE Media Proxy allows corporate customers to meet compliance requirements by simultaneously recording or analyzing calls at up to five destinations simultaneously. Each Media Proxy license enables one forked media session in either standard or redundant configurations.

Smart Licensing

CUBE Smart Licenses allow for entitlement pooling and portability across all CUBE platforms registered to an organization’s Cisco Smart Licensing account. Providing further flexibility, Cisco Smart Licensing also allows the borrowing of higher-entitlement CUBE licenses if required.

Starting with CUBE version 12.5 (Cisco IOS XE 16.10.1a), all platforms must report license usage to a customer’s Cisco Smart Software Management service account. For more information regarding Smart Licensing, see: https://www.cisco.com/go/smartlicensing

CUBE feature support

CUBE supports a comprehensive range of session control, security, interworking, and demarcation SBC features, many of which are detailed in Table 1.

Table 1.        Cisco Unified Border Element features

Feature

Support details

Protocol and signal interworking
  SIP to SIP (including Cisco Unified Communications Manager and Cisco TelePresence ®)

Media support
  RTP and RTCP
  Binary Flow Control Protocol (BFCP) passthrough

Media interworking
  SIP delayed-offer to SIP early-offer interworking for audio or video calls

Media modes
  Media flow-through
  Media flow-around

Signaling transport mode
  Transport Control Protocol (TCP)
  Transport Layer Security (TLS)
  User Datagram Protocol (UDP)
  TCP, TLS and UDP interworking

Fax support
  T.38 fax relay
  Fax pass-through
  Fax over G.711

Modem support
  Modem pass-through
  Modem over G.711

Dual-Tone Multifrequency (DTMF)
  RFC 2833 /RFC 4733
  SIP notify
  Key Press Markup Language (KPML)
  Interworking capabilities include:

    RFC 2833/4733 to G.711 in-band DTMF2

    sip-info to rtp-nte interworking

    RFC 2833/4733 to KPML

Supplementary services
  SIP supplementary services (holds and transfers) support using REFER or REINVITE
  Multicast Music on Hold (MMoH) to Unicast MoH conversion
  Call Progress Analysis (CPA) 1 to analyze far-end media (live versus recorded media) for outbound call centers

Internetworking
  Configurable SIP profiles to manipulate SIP message content, including header fields and Session Descriptor Protocol (SDP) attributes
  Conditional SIP profiles, performing header modification dependent on header content
  P-Asserted-Identity (PAI), P-Preferred-Identity (PPI), and Remote-Party-ID (RPID) internetworking
  Unsupported Multipurpose Internet Mail Extensions (MIME)-type attachment pass-through
  Unsupported SIP header pass-through
  SDP attribute pass-through
  Dial-peer bind (allows CUBE to connect to multiple service providers)
  Incoming dial-peer match based on remote IP address
  Assisted RTCP for Microsoft Lync/Skype for Business interoperability
  Mid-call signaling block or pass-through when media changes
  Early dialog UPDATE /183 consumption
  Block incoming 180 and 183 signaling messages
  Restrict video call to audio only
  Media Anti-trombone
  IPv4 to IPv6 interworking
  Configurable SIP error codes
  SIP error code pass-through

Call routing and dialing options
  E164-based dialing
  Uniform Resource Identifier (URI)-based dialing
  Routing based on nonsequential E164 and/or URI lists
  Destination-based or source-based routing
  Dial Peer Groups (Trunk Groups) (outbound routing determined by inbound dial pattern)
  Server Groups to define order of selection of alternative or backup routing paths for outbound routing
  Routing based on duple header variables (both AND OR logic)
  Refer and call redirect consumption and pass-through
  Outbound call load distribution with random or round robin schemes
  Call re-routing based on network errors or error responses
  P-called-party-ID support

Multitenancy, multi-VRF, and trunk realms
  Support for dial plan scenarios requiring either or both inter- and intra- IP VRF routing tables
  Per-VRF-domain SIP user agent for multi-tenancy support (up to 100 VRFs)
  Realm commonality of multiple trunks, even with different user agent definitions per trunk

Cisco Call Admission Control (CAC)
  CAC based on maximum number of calls per trunk (maximum number of calls)
  CAC based on IP circuits
  CAC based on total calls, CPU use, or memory use threshold
  CAC based on bandwidth availability and call-spike detection

OPTIONS SIP message support
  Support for response to OPTIONS-PING messages with OPTION-PING groups based on session target
  Support for generation of in-dialog OPTIONS-PING messages
  Support for generation of out-of-dialog OPTIONS-PING messages to control dial-peer status

Media forking
  Media forking features for voice and video to integrate with media recording or analysis servers
  API-based mechanisms for invoking media forking
  Support for standard SIPREC media forking
  Raw media forking using secure WebSockets for Cisco Contact Center solutions. (Requires Enhanced License)
● Media Proxy mode for forking calls to up five different destinations 2
  Secure forking of a non-secure call

IP routing feature
  Support for Cisco IOS XE Software-based routing features, including Border Gateway Protocol (BGP), Enhanced IGRP (EIGRP), and Multiprotocol Label Switching (MPLS)
  Support for Cisco IOS XE Software-based policy routing features
  Support for Cisco IOS XE Software-based Access-Control-List (ACL) features

Voice-quality statistics

RTCP data from incoming and outgoing call legs used to provide:

  Packet loss, jitter, and Round-Trip Time (RTT)
  Per-call leg call-quality statistics

QoS
  IP precedence and Differentiated-Services-Code-Point (DSCP) marking
  Per-call QoS packet marking

Network Address Translation (NAT) traversal
  NAT traversal support for SIP phones deployed behind non-Application Line Gateway (ALG) data routers
  Stateful NAT traversal
  ICE-Lite

Network hiding
  IP network privacy and topology hiding
  IP network security boundary
  Intelligent IP address translation for call media and signaling
  Back-to-back user agent, replacing all SIP-embedded IP addressing
  History information-based topology hiding and call routing

Number translation
  Number translation rules for Voice-over-IP (VoIP) numbers
  URI-based dialing translations

Codecs
  OPUS low bitrate 6 kbps to very high-quality 510 kbps
  G.711 mu-law and a-law
  G.722
  G.723ar53, G.723ar63, G.723r53, and G.723r63
  G.726r16, G.726r24, and G.726r32
  G.728
  G.729, G.729A, G.729B, and G.729AB
  Internet Low Bitrate Codec (iLBC) 13330 or 15200 bps
  Internet Speech Audio Code (iSAC) 10 to 32 kbps
  AAC-LD MP4A-LATM
  Mid-call codec renegotiation and preservation
  Narrowband Adaptive Multi-rate (AMR-NB) 4750-12200 bps

Transcoding1
  Transcoding between any two different families of codecs from the following list:

    G.711 a-law and mu-law

    G.729, G.729A, G.729B, and G.729AB

    iLBC

    G.722

    OPUS (PVDM4 modules only)

  Mid-call transcoder insert and drop

Transrating1
  Transrating of packetization rates for the following codecs:

    G.711 a-law and mu-law

    G.723 5.3/6/3 kbps

    G.729, G.729A, G.729B, and G.729AB

    G.722

Security
  Rogue SIP invite and rogue RTP packet detection with alerting
  Configurable RTP port range
  IP security (IPsec)
  SRTP flow-through
  Transport Layer Security (TLS) version 1.2, with exclusivity
  SRTP-to-RTP and STRP-to-SRTP interworking with Next-Generation Encryption (NGE) cipher suites
  Configurable SIP listening port per trunk
  Disable unused transport mechanisms
  SIP registration and digest authentication support
  Various mechanisms for control of RTP and UDP packet flooding
  Voice security policy application integration (via HTTP API)
  Peer whitelisting /IP Trusted List
  Silent discard of SIP messages from untrusted peers
  Compatible with IOS Zone Based Firewall

Authentication, Authorization, and Accounting (AAA)
  AAA with RADIUS

Voice media applications
  Tool Command Language (TCL) scripts support for application customization
  Web-based API to monitor and control signaling and media traffic (for external policy control)

API
  Web-based API compatible with Web Service Description Language (WSDL) development tools to support call monitoring and control, Call-Detail Records (CDRs), and serviceability attribute interaction with external application; specifically designed for voice-policy applications

Billing
  Standard CDRs for accurate billing available through:
  AAA records
  Syslog
  Simple Network Management Protocol (SNMP)

Line-side Registration Proxy
  Proxy registration of endpoints using the standard SIP registration process (including third-party SIP endpoints) for connecting with third-party hosted call-control services (e.g. Cisco BroadSoft ®)
  Local and PSTN survivability in the event of loss of WAN connectivity to a hosted call control
  Proxy endpoint registration with 10 endpoints per SIP registration event

Inter-Cluster Lookup Service (ILS) routing
  Support for ILS routing to complement ILS dial-plan exchange between Cisco Unified Communications Manager clusters or to simplify call-routing complexity between multiple clusters

Video

Rich media
  Simultaneous support for data, audio, and video

Signaling interworking
  SIP delayed-offer to SIP early-offer calls

Media
  Support for multiplex RTP calls (for Cisco TelePresence solution)
  Simple Traversal of UDP through NAT (STUN) /Datagram TLS (DTLS) pass-through for telepresence

QoS
  DSCP markings to prioritize video streams as they traverse the network

Data support
  T.120 data collaboration (flow-around only)

Camera control
  Far-End Camera Control (FECC)

Video suppression
  Terminate video media session for connection to audio-only sessions

Video codecs
  H.261
  H.263/H.263+
  H.264
  MPEG4

Network management

Manageability, serviceability, and troubleshooting
  Resource usage monitoring over SIP trunk
  Sortable dial peers
  SIP session ID for end-to-end call tracing
  SNMP per-call quality traps
  SNMP and syslog SIP trunk status messages
  DEBUG commands allowing user-selectable levels of debug information, from critical to verbose
  DEBUG commands allowing user-selectable information for specific call characteristics
  VoIPTrace continuous diagnostic capture
  Yang data model allowing configuration and management via RESTCONF and NETCONF

High availability

High availability
  Inbox redundancy with Cisco ASR 1006 and ASR 1006-X
  Box-to-box redundancy with Cisco 4000 Series ISRs, Catalyst Edge 8000, Cisco ASR 1000, and CSR 1000V models (based on RG infrastructure)
  Use of port channels to allow a connection to redundant switches
  Requires Enhanced Trunk or Media proxy session license.
1 Requires DSP resource
2 Media Proxy mode cannot be used concurrently with Voice Gateway, CUBE trunk or CUBE lineside features.

Note:      H.323 features are deprecated from IOS XE 17.6.1 onwards. Refer to the Product Bulletin for further information.

Router platform support

CUBE is developed as a component of Cisco IOS XE Software and runs on the platforms listed in Table 2. Maximum trunk session capacity and call processing performance is provided here for the purposes of comparison only. Operational capacity is dependent on various factors, such as call presentation rate, call type (for example, call center or standard IP telephony), transcoding, encryption, and media forking. Figures included in Table 2 are based on simple telephony calls and assume ideal conditions that optimize for either call volume or rate. Capacity figures are provided for platforms running IOS XE 17.3.1 or newer releases configured with the control plane memory listed in Table 2.  While there is no minimum memory requirement to run CUBE features, maximum session capacity will be reduced if less memory than listed is used.

Certain CUBE deployment scenarios may require additional hardware for WAN termination or transcoding. CUBE supports all data interface types available for the host router platform.

Virtualized CUBE (vCUBE) is available as a licensed feature for the Cisco Cloud Services Router (CSR 1000V) and Catalyst Edge 8000V software, allowing customers to use CUBE features in Network Functions Virtualization (NFV) environments.

CUBE features that require direct access to DSPs or voice interfaces are not available with vCUBE or ISR1100 models.

From IOS XE 17.7.1a, CUBE features may be used in IOS XE autonomous mode, or in controller mode as part of a Cisco SD-WAN solution.

Table 2.        CUBE Platform Support

Router platform

Control Plane Memory

Maximum trunk sessions

Maximum sustainable call setup rate (Calls per second)

Cisco 1100 ISR1

Default

500

5

Cisco 4321 ISR

4 GB

500

4

Cisco 4331 ISR

4 GB

1000

10

Cisco 4351 ISR

4 GB

2000

13

Cisco 4431 ISR

8 GB

3000

15

Cisco 4451-X ISR

8 GB

6000

40

Cisco 4461 ISR

8 GB

10,000

55

C8200L-1N-4T

4 GB

1500

9

C8200-1N-4T

8 GB

2500

14

C8300-1N1S-6T

8 GB

7000

40

C8300-1N1S-4T2X

8 GB

8000

45

C8300-2N2S-6T

8 GB

7500

42

C8300-2N2S-4T2X

16 GB

10,000

55

Cisco CSR 1000V /C8000V 1vCPU2

4 GB

1000

5

Cisco CSR 1000V /C8000V 2vCPU2

4 GB

3000

20

Cisco CSR 1000V /C8000V 4vCPU2

8 GB

6000

30

Cisco ASR 1001-X

16 GB

12,000

50

Cisco ASR 1002-X

16 GB

14,000

55

Cisco ASR 1006-X with
RP3 and ESP100/ESP100X

16 GB

16,000

65

Cisco ASR 1004 /ASR 1006 /
ASR 1006-X with RP2 and ESP40

16 GB

16,000

70
1ISR1100 4G/6G models for SDWAN do not support the CUBE feature set.
2 Based on tests using Cisco UCS ® C240 host with Intel ® Xeon ® 6132 2.60GHz processors running VMware ESXi 6.7. Performance quoted for 2 vCPU virtual machine also applies for vCUBE in Amazon Web Services and Microsoft Azure.

Licensing options

CUBE may be purchased through a Cisco Collaboration Flex Plan subscription.

CUBE license subscriptions may be purchased using A-FLEX-3, A-FLEX-3-EDU, or A-FLEX-3-FEDRAMP offers with options listed in Table 3. For more information on ordering CUBE as a subscription, refer to the Cisco Collaboration Flex Plan Ordering Guide. Entitlements provided through Flex subscriptions are term-based and may be used to entitle any version of CUBE (including those that use RTU licenses).

Table 3.        CUBE Subscription options

Product Code

Description

A-FLEX-ENH-CUBE

One CUBE trunk enhanced session subscription

A-FLEX-STD-CUBE

One CUBE trunk standard session subscription

A-FLEX-MP-CUBE

One Media Proxy stream subscription

Cisco environmental sustainability

Information about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the 2021 Cisco Purpose Report.

Reference links to information about key environmental sustainability topics are provided in the following table:

Sustainability topic

Reference

Information on product material content laws and regulations

Materials

Information on electronic waste laws and regulations, including products, batteries, and packaging

WEEE compliance

Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

Summary

Organizations large and small are realizing the value of SIP-based communication. The Cisco session border controller, CUBE, is helping these organizations take advantage of service providers’ SIP services by providing voice and video connectivity for both trunk and lineside services. As such, CUBE is ideal for businesses of all sizes; it cost-effectively supports a variety of SIP services, whether premises-based or with hosted call control, with the added benefit that CUBE uses the customer’s existing investment in Cisco routers.

For more information

For more information about the Cisco Unified Border Element (CUBE), visit https://www.cisco.com/go/cube or contact your local Cisco account representative.

Document history

New or revised topic

Described In

Date

Removed perpetual license offer details.

 

June 2022

Added Cisco SD-WAN support.

 

Jan 2022

Removed End of Sale H.323 features.  Further clarification on platform memory requirements.

Table 1 and Platform Support

November 11, 2021

Added subscription ordering and H.323 deprecation details

 

August 16, 2021

Added information relating to newer Catalyst 8000 series products.

 

May 20, 2021

Added information relating to newer Catalyst 8000 series products.

 

Mar 15, 2021

Added information related to Catalyst Edge router platforms.

 

Nov 2020

Content updated for CUBE 14.0 (IOS XE 17.3.1)

Router platform support, new codec, Microsoft Phone System support and version 14 licensing

July 31, 2020

Content updated for CUBE 12.8 (IOS XE 17.2.1)

Router platform support

April 04, 2020

Added minimum memory requirements, new support for ISR1100 and updated scaling figures

Router platform support

Sep 27, 2019

Content fully updated for CUBE Version 12

Updated: CUBE Version 12

Feb 13, 2019

 

 

 

Learn more