reference deployment

Ribbon SBC SWe on AWS

Secure multimedia session control and efficient, fault-tolerant real-time communications

This Quick Start deploys the Ribbon Session Border Controller Software Edition (SBC SWe) on the Amazon Web Services (AWS) Cloud in about 30 minutes.

You can use the Ribbon SBC SWe to secure real-time communications, including unified communications, conferencing and collaboration, and contact center services, on AWS. SBC SWe provides robust interworking and normalization for multiple signaling and media protocols, call admission control to manage traffic levels, and multiple security features for both signaling and media to protect privacy and to help ensure regulatory compliance.

The Ribbon SBC SWe consists of the following components:

  • An integrated session border controller as a Session Initiation Protocol (SIP) back-to-back user agent (B2BUA).
  • A high-availability front-end (HFE) node to assist with improved media restoration times in the event of an SBC instance failure.
  • An Asterisk application server acting as a SIP registrar.
  • An Ansible control node to launch playbooks that configure the session border controller through a REST API.

Deploying the Ribbon SBC SWe on AWS delivers a solution that is elastic and fault-tolerant, uses compute resources efficiently for cost control, and dynamically adjusts to varying degrees of traffic load.

portworx logo

This Quick Start was developed by Ribbon
in collaboration with AWS. Ribbon is
an APN Partner.

  •  What you'll build
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • Use this Quick Start to automatically set up the following environment on AWS:

    • A highly available architecture capable of handling application-level failure within a single Availability Zone.*
    • A virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS.*
      • The public subnet handles SIP signaling and media from SIP endpoints on the internet. It includes a Linux bastion host that allows inbound Secure Shell (SSH) access to the SBC instances in the management private subnet. It also includes a managed NAT gateway to allow access to the Amazon Elastic Compute Cloud (Amazon EC2) API.*
      • The Quick Start sets up four private subnets:
        • Management subnet for SBC traffic management. This subnet includes an Ansible configuration server to launch playbooks that configure the SBC.
        • High availability (HA) subnet for mirroring and synchronization of traffic between the two SBC instances.
        • Core (trusted media) subnet to handle signaling and media between the SBC and an application server or registrar (Asterisk).
        • Access (untrusted media) subnet to handle signaling and media between the SBC and the HFE node.
    • A gateway VPC endpoint to allow Amazon Simple Storage Service (Amazon S3) access from the EC2 instances in a private subnet.*
    • Two SBC instances that form an SBC HA pair with interfaces to the four private subnets.
    • An HFE node to improve SBC instance failover performance.
    • An Asterisk application server that also acts as a SIP registrar.
    • An S3 bucket that contains playbooks and scripts to configure the HFE, SBC, and Asterisk application server.
    • VPC endpoints to access the S3 buckets and other services over the AWS private network.

    *  The template that deploys the Quick Start into an existing VPC skips the components marked by asterisks and prompts you for your existing VPC configuration.

  •  How to deploy
  • To deploy the Ribbon SBC SWe on AWS, follow the instructions in the deployment guide. The deployment process takes about 30 minutes and includes these steps:

    1. If you don't already have an AWS account, sign up at, and sign in to your account.
    2. Subscribe to the Amazon Machine Image (AMI) for SBC in AWS Marketplace.
    3. Subscribe to the AMI for Asterisk in AWS Marketplace.
    4. Launch the Quick Start, choosing from the following options:
    5. Set up the SIP endpoints.
    6. Test the deployment by making sure that the SIP signaling interface is reachable and initiating a test call.
    7. (Optional) Obtain and install an SBC SWe license.
  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation templates for this Quick Start include configuration parameters that you can customize. Some of these settings, such as instance type, will affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you will be using. Prices are subject to change.

    Tip     After you deploy the Quick Start, we recommend that you enable the AWS Cost and Usage Report to track costs associated with the Quick Start. This report delivers billing metrics to an S3 bucket in your account. It provides cost estimates based on usage throughout each month, and finalizes the data at the end of the month. For more information about the report, see the AWS documentation.

    This Quick Start requires a subscription to the Amazon Machine Image (AMI) for SBC SWe, which is available from AWS Marketplace. Additional pricing, terms, and conditions may apply.

    This Quick Start doesn’t require a license for SBC SWe. However, if you don’t have a license, SBC SWe supports only up to two concurrent calls between registered endpoints.
    If you are interested in a higher concurrent call count or premium features such as encrypted signaling/media, you will need to purchase a license. Fill out the Ribbon SBC AMI Licensing form to request a license for enhanced services. After you deploy the Quick Start, follow the instructions in the deployment guide to apply the license to your deployment.

    This Quick Start uses the Asterisk application server as a SIP registrar and also requires a subscription to the AMI for Asterisk from AWS Marketplace. Additional pricing, terms, and conditions may apply. There is a free trial period of 15 days, after which you will be billed on an hourly or annual basis.