Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account
Data Sheet

Available Languages

Download Options

  • PDF
    (511.8 KB)
    View with Adobe Reader on a variety of devices
Updated:October 7, 2019

Available Languages

Download Options

  • PDF
    (511.8 KB)
    View with Adobe Reader on a variety of devices
Updated:October 7, 2019
 

Product Overview

Part of the Cisco® Collaboration Edge Architecture, Cisco Unified Border Element (CUBE) version 12 is an enterprise-class Session Border Controller (SBC) solution that makes it possible to connect and interwork large, midsize, and small business unified communications networks with public and private IP communication services.

As a licensed feature set of Cisco IOS® XE Software, CUBE has a wide range of capabilities that may be used to secure, monitor, and maintain business-critical connections and to ensure compliance with industry standards. Collectively, CUBE features provide exceptional flexibility when architecting highly available enterprise communications networks that save money and offer richer voice and video collaboration experiences to users.

Comprehensive Interworking

As voice, video, and mobile communications systems converge to form more cost-effective, integrated collaboration solutions, the need to interwork diverse networks based on various protocols and security requirements increases. The CUBE SBC serves a critical role in linking these networks and provides a seamless experience for voice and video users.

CUBE is especially suited to facilitating:

     PSTN interconnect using Internet service provider SIP trunks, which allow rapid service delivery and the possibility of capacity pooling across locations.

     Migration from TDM to SIP public telephony trunk services. As Cisco Integrated Services Routers (ISR) allow the concurrent use of voice gateway and CUBE features, a phased trunk migration is possible without requiring changes to the enterprise call control platform.

     Certified connection to Cisco and third-party cloud collaboration services, including Cisco Webex® Cloud Connected Audio (CCA and CCA-SP), Webex Calling Local Gateway and Cisco Hosted Collaboration Solution (HCS), with normalization to customer collaboration systems. CUBE supports high-capacity SIP media connectivity to the Cisco Webex cloud to replace expensive TDM audio connections to conferencing services.

     Business-to-business voice and video system interconnect.

     Multi-tenant solutions that require customer-dedicated SIP trunks on a common platform.

     Codec interworking through the control of midcall codec renegotiation or transcoding.

Note:        Cisco Unified Communications Manager customers requiring business-to-business video features should use Cisco Expressway.

As CUBE terminates and re-originates signaling and media traffic, it is able to provide a secure demarcation between internal and external services, while interworking signaling protocols and encoded media streams between them. Further, CUBE provides a rich set of flexible session control features to secure and route traffic to different destinations and to apply policing and Quality-of-Service (QoS) policies.

Certain CUBE features may also be used with Cisco Communications Manager Express (CME) and Unified Survivable Remote Site Telephony (SRST) applications to connect with SIP trunk services.

Security and Compliance

As networks become more interconnected, the need to secure information is of critical importance. Enterprises must comply with rapidly evolving industry standards for the proper handling and protection of sensitive and private information and for the proper auditing of commercial transactions. The comprehensive CUBE SBC feature set helps businesses achieve these requirements with:

     Flexible security rules that prohibit unauthorized connections.

     Behavior evaluation policies that can detect malicious call patterns, including Telephony Denial-of-Service (TDoS) attacks, and invoke an appropriate response – such as terminate, redirect, or record.

     Interworking of encrypted and non-encrypted communication streams.

     Replication of media streams for call recording solutions using either SIPREC or HTTP API.

Cloud Communications Services

Cloud call control products offer simple-to-provision-and-manage services. However, by their very nature, these services place a greater dependency on the wide-area connections required at customer sites. While additional bandwidth and redundant connectivity can mitigate this requirement, service providers can also use CUBE lineside features to ensure continued service delivery.

     CUBE registration proxy can manage periodic messaging from Cisco Multiplatform phones (MPP) or third-party SIP endpoints, reducing demand on wide-area connections and permitting larger deployments of endpoints.

     Lineside survivability provides business continuity to SIP phones on a customer site should connectivity to the cloud service be interrupted.

Note:        CUBE lineside features are offered for use with SIP-based, IP Centrex solutions (such as Cisco BroadCloud®). They cannot be used with Cisco Unified Communications Manager, where Expressway and Unified Survivable Remote Site Telephony products should be considered.

Contact Center Solutions

CUBE offers numerous features that may be used to architect and optimize fully featured contact center solutions. Examples include:

     Call Progress Analysis (CPA) for outbound calling campaigns

     Interactive Voice Response (IVR) solutions

     Media replication for call recording

Flexibility, Reliability, and Scale

Cisco offers industry-leading flexibility when it comes to deploying SBC functionality in almost any enterprise architecture. As CUBE is offered as part of Cisco IOS XE Software, it may be used concurrently with industry-leading IP networking, security, and QoS features. You can also choose from a wide range of host platforms to suit scale, performance, resiliency, and budget requirements (see Table 2).

In addition to physical hosts from Cisco Integrated Services Router (ISR) and Aggregation Services Router (ASR) product families, CUBE features are available for virtualized environments with the Cisco Cloud Services Router (CSR).

Stateful high availability with active/standby redundant pairs and clustering with Cisco Unified SIP Proxy allows enterprises to build business-critical solutions for up to 64,000 concurrent sessions.

CUBE Licensing Models

The CUBE features described above are licensed to enable three principal use models:

     Trunking for service interconnect and protocol interworking. Trunk licenses are available for both standard (single node) and redundant (high-availability pair) network architectures to facilitate site-to-site and PSTN connectivity. Each trunk license enables a single call session in addition to a single forked media session for recording where required.

     Lineside to enhance the delivery of hosted SIP communications services. Previously only available for the Cisco 800 Series Routers through the NanoCUBE license, CUBE Lineside client licenses are now available for all platforms listed in Table 2.  Each Lineside license enables registration proxy and survivability features for one local SIP endpoint.

     Media Proxy for advanced call recording and compliance solutions. Deployed independently from CUBE platforms configured for trunkside or lineside applications, CUBE Media Proxy allows corporate customers to meet compliance requirements by simultaneously recording or analyzing calls at up to five destinations simultaneously. Each Media Proxy license enables one forked media session in either standard or redundant configurations.

Smart Licensing

CUBE Smart Licenses allow for entitlement pooling and portability across all CUBE platforms registered to an organization’s Cisco Smart Licensing account. Providing further flexibility, Cisco Smart Licensing also allows the borrowing of higher-entitlement CUBE licenses if required.

Starting with CUBE version 12.5 (Cisco IOS XE 16.10.1a), all platforms must be registered with a customer’s Cisco Smart Software Management service account. For more information regarding Smart Licensing, see: https://www.cisco.com/go/smartlicensing

CUBE Feature Support

CUBE supports a comprehensive range of session control, security, interworking, and demarcation SBC features, many of which are detailed in Table 1.

Table 1.             Cisco Unified Border Element Features

Feature

Support details

Protocols

  H.323 and SIP

Protocol and signal interworking

  H.323 to H.323 (including Cisco Unified Communications Manager)
  H.323 to SIP (including Cisco Unified Communications Manager)
  SIP to SIP (including Cisco Unified Communications Manager and Cisco TelePresence ®)

Media support

  RTP and RTCP
  Binary Flow Control Protocol (BFCP) passthrough

Media interworking

  SIP delayed-offer to SIP early-offer interworking for audio or video calls
  H.323 Slow Start to H.323 Fast Start for audio calls

Media modes

  Media flow-through
  Media flow-around

Signaling transport mode

  Transport Control Protocol (TCP)
  User Datagram Protocol (UDP)
  TCP-to-UDP interworking

Fax support

  T.38 fax relay
  Fax pass-through
  Fax over G711

Modem support

  Modem pass-through
  Modem over G711

Dual-tone multifrequency (DTMF)

  H.245 alphanumeric
  H.245 signal
  RFC 2833 / RFC 4733
  SIP notify
  Key Press Markup Language (KPML)
  Interworking capabilities include:
   H.323 to SIP
   RFC 2833/4733 to G.711 in-band DTMF *
   sip-info to rtp-nte interworking
   Various SIP-to-H.323 DTMF interworking options
   RFC 2833/4733 to KPML

Supplementary services

  Call hold, call transfer, and call forwarding for H.323 networks using H.450 and transparent passing of Empty Capability Set (ECS)
  SIP-to-SIP supplementary services (holds and transfers) support using REFER
  SIP-to-SIP supplementary services (holds and transfers) support using REINVITE
  H.323-to-SIP supplementary services for Cisco Unified Communications Manager with Media Termination Point (MTP) on the H.323 trunk
  Multicast Music on Hold (MMoH) to Unicast MoH conversion
  Call Progress Analysis (CPA) * to analyze far-end media (live versus recorded media) for outbound call centers

Internetworking

  Configurable SIP profiles to manipulate SIP message content, including header fields and Session Descriptor Protocol (SDP) attributes
  Conditional SIP profiles, performing header modification dependent on header content
  P-Asserted-Identity (PAI), P-Preferred-Identity (PPI), and Remote-Party-ID (RPID) internetworking
  Unsupported Multipurpose Internet Mail Extensions (MIME)-type attachment pass-through
  Unsupported SIP header pass-through
  SDP attribute pass-through
  Dial-peer bind (allows CUBE to connect to multiple service providers)
  Incoming dial-peer match based on remote IP address
  Assisted RTCP for Microsoft Lync / Skype for Business interoperability
  Mid-call signaling block or pass-through when media changes
  Early dialog UPDATE / 183 consumption
  Block incoming 180 and 183 signaling messages
  Restrict video call to audio only
  Media Anti-trombone
  IPv4 to IPv6 interworking
  Configurable SIP error codes
  SIP error code pass-through

Call routing and dialing options

  E164-based dialing
  Uniform Resource Identifier (URI)-based dialing
  Routing based on nonsequential E164 and/or URI lists
  Destination-based or source-based routing
  Dial Peer Groups (Trunk Groups) (outbound routing determined by inbound dial pattern)
  Server Groups to define order of selection of alternative or backup routing paths for outbound routing
  Routing based on duple header variables (both AND OR logic)
  Refer and call redirect consumption and pass-through
  Outbound call load distribution with random or round robin schemes
  Call re-routing based on network errors or error responses
  P-called-party-ID support

Multitenancy, multi-VRF, and trunk realms

  Support for dial plan scenarios requiring either or both inter- and intra- IP VRF routing tables
  Per-VRF-domain SIP user agent for multi-tenancy support
  Realm commonality of multiple trunks, even with different user agent definitions per trunk

Cisco Call Admission Control (CAC)

  CAC based on maximum number of calls per trunk (maximum number of calls)
  CAC based on IP circuits
  CAC based on total calls, CPU use, or memory use threshold
  CAC based on bandwidth availability and call-spike detection

OPTIONS SIP message support

  Support for response to OPTIONS-PING messages with OPTION- PING groups based on session target
  Support for generation of in-dialog OPTIONS-PING messages
  Support for generation of out-of-dialog OPTIONS-PING messages to control dial-peer status

Media forking

  Media forking features for voice and video to integrate with media recording or analysis servers
  API-based mechanisms for invoking media forking
  Support for standard SIPREC media forking
  Media Proxy mode for forking two to five concurrent media sessions **

IP routing feature

  Support for Cisco IOS XE Software-based routing features, including Border Gateway Protocol (BGP), Enhanced IGRP (EIGRP), and Multiprotocol Label Switching (MPLS)
  Support for Cisco IOS XE Software-based policy routing features
  Support for Cisco IOS XE Software-based Access-Control-List (ACL) features

Voice-quality statistics

RTCP data from incoming and outgoing call legs used to provide:
  Packet loss, jitter, and Round-Trip Time (RTT)
  Per-call leg call-quality statistics

QoS

  IP precedence and Differentiated-Services-Code-Point (DSCP) marking
  Per-call QoS packet marking

Network Address Translation (NAT) traversal

  NAT traversal support for SIP phones deployed behind non-Application Line Gateway (ALG) data routers
  Stateful NAT traversal
  ICE-Lite

Network hiding

  IP network privacy and topology hiding
  IP network security boundary
  Intelligent IP address translation for call media and signaling
  Back-to-back user agent, replacing all SIP-embedded IP addressing
  History information-based topology hiding and call routing

Number translation

  Number translation rules for Voice-over-IP (VoIP) numbers
  URI-based dialing translations

Codecs

  G.711 mu-law and a-law
  G.722
  G.723ar53, G.723ar63, G.723r53, and G.723r63
  G.726r16, G.726r24, and G.726r32
  G.728
  G.729, G.729A, G.729B, and G.729AB
  Internet Low Bitrate Codec (iLBC) 13330 or 15200 bps
  Internet Speech Audio Code (iSAC) 10 to 32 kbps
  AAC-LD MP4A-LATM
  Mid-call codec renegotiation and preservation
  Narrowband Adaptive Multi-rate (AMR-NB) 4750-12200 bps

Transcoding*

  Transcoding between any two different families of codecs from the following list:
   G.711 a-law and mu-law
   G.729, G.729A, G.729B, and G.729AB
   iLBC
   G.722
  Mid-call transcoder insert and drop

Transrating*

  Transrating of packetization rates for the following codecs:
   G.711 a-law and mu-law
   G.723 5.3/6/3 kbps
   G.729, G.729A, G.729B, and G.729AB
   G.722

Security

  Rogue SIP invite and rogue RTP packet detection
  Alerts for rogue packet activity
  Configurable RTP port range
  IP security (IPsec)
  SRTP flow-through
  Transport Layer Security (TLS) version 1.2, with exclusivity
  SRTP-to-RTP and STRP-to-SRTP interworking with Next-Generation Encryption (NGE) cipher suites
  Configurable SIP listening port
  Disable unused transport mechanisms
  SIP registration and digest authentication support
  Various mechanisms for control of RTP and UDP packet flooding
  Voice security policy application integration (via HTTP API)
  Peer whitelisting / IP Trusted List
  Silent discard of SIP messages from untrusted peers
  Compatible with IOS Zone Based Firewall

Authentication, Authorization, and Accounting (AAA)

  AAA with RADIUS

Voice media applications

  Tool Command Language (TCL) scripts support for application customization
  Web-based API to monitor and control signaling and media traffic (for external policy control)

API

  Web-based API compatible with Web Service Description Language (WSDL) development tools to support call monitoring and control, Call-Detail Records (CDRs), and serviceability attribute interaction with external application; specifically designed for voice-policy applications

Billing

  Standard CDRs for accurate billing available through:
   AAA records
   Syslog
   Simple Network Management Protocol (SNMP)

Lawful intercept

  Provision of replicated packets to third-party mediation device

Line-side Registration Proxy

  Proxy registration of endpoints using the standard SIP registration process (including third-party SIP endpoints) for connecting with third-party hosted call-control services (e.g. Cisco BroadSoft ®)
  Local and PSTN survivability in the event of loss of WAN connectivity to a hosted call control
  Proxy endpoint registration with 10 endpoints per SIP registration event

Inter-Cluster Lookup Service (ILS) routing

  Support for ILS routing to complement ILS dial-plan exchange between Cisco Unified Communications Manager clusters or to simplify call-routing complexity between multiple clusters

Video

Protocols

  H.323 and SIP

Rich media

  Simultaneous support for data, audio, and video

Signaling interworking

  SIP delayed-offer to SIP early-offer calls

Media

  Support for multiplex RTP calls (for Cisco TelePresence solution)
  Simple Traversal of UDP through NAT (STUN) / Datagram TLS (DTLS) pass-through for telepresence

H.323-enhanced features

  H.235 pass-through for secure calls
  H.239 pass-through for picture-in-picture feature

QoS

  DSCP markings to prioritize video streams as they traverse the network

Data support

  T.120 data collaboration flow-around only

Camera control

  Far-End Camera Control (FECC)

Video suppression

  Terminate video media session for connection to audio-only sessions

Video codecs

  H.261
  H.263/H.263+
  H.264
  MPEG4

Network management

Manageability, serviceability, and troubleshooting

  Resource usage monitoring over SIP trunk
  Sortable dial peers
  SIP session ID for end-to-end call tracing
  SNMP per-call quality traps
  SNMP and syslog SIP trunk status messages
  DEBUG commands allowing user-selectable levels of debug information, from critical to verbose
  DEBUG commands allowing user-selectable information for specific call characteristics

High availability

High availability

  Inbox redundancy with Cisco ASR 1006 and ASR 1006-X
  Box-to-box redundancy with Cisco 4000 Series ISRs, Cisco ASR 1000, and CSR 1000V models (based on RG infrastructure)
  Use of port channels to allow a connection to redundant switches

Note: Media is preserved for active calls at the time of failover in each redundancy configuration listed.

* Requires a DSP resource. Available only on the Cisco 4000 Series Integrated Services Routers and Cisco ASR 1000 Series Aggregation Services Routers.
** Media Proxy mode cannot be used concurrently with Voice Gateway, CUBE trunk or CUBE lineside features.

Router Platform Support

CUBE is developed as a component of Cisco IOS XE Software and runs on the platforms listed in Table 2. Maximum trunk session capacity and call processing performance is provided here for the purposes of comparison only. Operational capacity is dependent on various factors, such as call presentation rate, call type (for example, call center or standard IP telephony), transcoding, encryption, and media forking. Figures included in Table 2 are based on simple telephony calls and assume ideal conditions that optimize for either call volume or rate.  Updated capacity figures are provided for platforms running IOS XE 16.12.1 or newer releases.

Certain CUBE deployment scenarios may require additional hardware for WAN termination or transcoding. If connected to the IP network through a WAN circuit, CUBE supports all connectivity methods and interface cards supported by the host router platform.

Virtualized CUBE (vCUBE) is available as a licensed feature for the Cisco Cloud Services Router (CSR 1000V), allowing customers to use CUBE features in Network Functions Virtualization (NFV) environments. CUBE features that require direct access to DSPs or voice interfaces are not available with vCUBE.

Table 2.             CUBE Platform Support

Router platform

Minimum memory requirement

Maximum trunk sessions

Maximum sustainable call setup rate (Calls per second)

Cisco 1100 ISR

Default

500

5

Cisco 4321 ISR

4 GB

500

4

Cisco 4331 ISR

4 GB

1000

10

Cisco 4351 ISR

4 GB

2000

13

Cisco 4431 ISR

8 GB

3000

15

Cisco 4451-X ISR

8 GB

6000

40

Cisco CSR 1000V 1vCPU1

4 GB

1000

5

Cisco CSR 1000V 2vCPU1

4 GB

3000

20

Cisco CSR 1000V 4vCPU1

8 GB

6000

30

Cisco ASR 1001-X

16 GB

12,000

50

Cisco ASR 1002-X

16 GB

14,000

55

Cisco ASR 1004 / ASR 1006 / ASR 1006-X with RP2 and ESP40

16 GB

16,000

70

1 Based on tests using Cisco UCS ® C240 host with Intel ® Xeon ® 6132 2.60GHz processors running VMware ESXi 6.0.

Licensing

When ordering Cisco CUBE, use the Smart License-enabled product codes in Table 3 to ensure that entitlements are delivered directly to the customer Smart Account. All license options require at least one year of Software Support Service (SWSS) coverage.

Table 3.             CUBE Smart License Ordering Information

Product code

Description

L-CUBE

Top-level part number. Select this first

CUBE License options

CUBE-T-STD

One Standard Trunk Session License

CUBE-T-RED

One Trunk Session License with support for box-to-box redundancy

CUBE-L-STD

One Standard Lineside License

CUBE-MP-RED

Entitlement for one Media Fork with support for box-to-box redundancy

CUBE License upgrade option

CUBE-T-RED-UP

Upgrade one Standard Trunk License to support box-to-box redundancy

Cisco Environmental Sustainability

Information about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.

Reference links to information about key environmental sustainability topics (mentioned in the “Environment Sustainability” section of the CSR Report) are provided in the following table:

Sustainability Topic

Reference

Information on product-material-content laws and regulations

Materials

Information on electronic waste laws and regulations, including products, batteries and packaging

WEEE Compliance

Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.

Cisco Capital

Flexible Payment Solutions to Help you Achieve your Objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

Summary

Organizations large and small are realizing the value of SIP-based communication. The Cisco session border controller, CUBE, is helping these organizations take advantage of service providers’ SIP services by providing voice and video connectivity for both trunk and lineside services. As such, CUBE is ideal for businesses of all sizes; it cost-effectively supports a variety of SIP services, whether premises-based or with hosted call control, with the added benefit that CUBE uses the customer’s existing investment in Cisco routers.

For More Information

For more information about the Cisco Unified Border Element (CUBE), visit https://www.cisco.com/go/cube or contact your local Cisco account representative.

Document History

New or revised topic

Described In

Date

Added minimum memory requirements, new support for ISR1100 and updated scaling figures

Router Platform Support

Sep 27, 2019

Content fully updated for CUBE Version 12

Updated: CUBE Version 12

Feb 13, 2019

 

Learn more