Acme Packet is one of two companies I watch very closely in the sessions border controller space. I've spoken with them several times. I'm looking forward to their participation in a panel I'll be moderating on VoIP security at the upcoming Internet Telephony Expo in Los Angeles.

Here's an announcement detailing over 40 new features for the latest release of their Net-Net OS session border controller, advancing the control functions of the Net-Net SBCs in the areas of security, service reach maximization, SLA assurance, revenue and profit protection and regulatory compliance. Yes, you read that right, over 40 new features. They've been hard at work.

Acme Packet Advances Access Border Control Functions
Net-Net OS Release 5.0 extends capabilities of Acme Packet Net-Net session border controllers for controlling access to service provider, enterprise and contact center VoIP networks

BURLINGTON, MA, JUNE 14, 2007 — Acme Packet® (NASDAQ: APKT), the leader in session border control solutions, today announced over 40 new features and enhancements that further extend the capabilities of its Net-Net® session border controllers (SBCs) for controlling access to IP voice (VoIP), video and multimedia networks. These features, delivered in Net-Net OS Release 5.0, advance the control functions of the Net-Net SBCs in the areas of security, service reach maximization, SLA assurance, revenue and profit protection and regulatory compliance.

In service provider networks, the access border is between the provider’s residential, business or mobile subscribers and its core service infrastructure, which includes devices such as softswitches, IMS call session control function (CSCF) elements, application servers, media servers and media gateways. In large enterprises, this border is in the data center between the enterprise’s employees or Internet-connected customers and its IP PBX and other VoIP application servers. And in contact centers, this border is in the data center or at the edge of a multiprotocol label switching (MPLS) network, spanning multiple sites between the contact center’s customers and home-based customer service representatives, and the contact center’s core network, which includes automatic call distributor (ACD) and interactive voice response (IVR) systems as well as application and media servers.

“As the SBC market leader, with an installed base approaching 400 customers, we are in a unique position with regards to understanding our customers’ advanced requirements for controlling their access borders,” said Seamus Hourihan, Acme Packet’s vice president of marketing and product management. “The vast majority of these new features were developed in direct response to the numerous requests we receive daily from our service provider, enterprise and contact center customers around the world.”

New access border features for advanced control
The new access border control features in Net-Net OS Release 5.0 (detailed in the table below) enhance the advanced signaling and media control required by service providers, enterprises and contact centers at their access borders. They further enhance the functions of Acme Packet Net-Net SBCs in the areas of security, service reach maximization, SLA assurance, revenue and profit protection and regulatory compliance.

In the area of security, several enhancements improve the SBC’s denial of service (DoS) and distributed DoS (DDoS) self-protection capabilities for session initiation protocol (SIP), transport layer security (TLS), media gateway control protocol (MGCP) and address resolution protocol (ARP) attacks or overloads. The SIP enhancement enables the Net-Net SBC to differentiate between a massive endpoint re-registration event and a malicious registration flood attack. TLS performance is optimized via TLS session caching and reuse. A collection of new SIP, H.323, SIP-H.323 interworking (IWF) and session description protocol (SDP) control features improve the ability of the SBC to deliver trusted services.

New signaling and media control features in Net-Net OS 5.0 further augment service/application support and maximize reach. Because session content is moving beyond just interactive voice and video, Acme Packet’s comprehensive control capabilities have been extended to the data, text, image and application content of multimedia sessions, such as gaming and multimedia collaboration. Admission control, quality of service (QoS) marking or mapping and bandwidth policing is now provided for these media types. Many new SIP, H.323, SIP-H.323 interworking and SDP enhancements facilitate greater interoperability to extend service reach.

Several new overload and admission control features assure service level agreements (SLAs) for incoming traffic and police network usage. Overloads on core signaling softswitches or IMS CSCF elements can be controlled by selective call rejection or diversion based upon telephone number, IP address or domain. Aggregate signaling constraints are now supported by individual SIP interfaces. Limits on individual SIP users in terms of the number of active calls or bandwidth being used can be enforced.

Acme Packet’s portfolio of regulatory compliance features has also significantly expanded. For emergency (E911) service within IMS architectures, an ETSI TISPAN-compliant DIAMETER e2 interface to an external location server is now supported. This interface enables the SBC to add location information to SIP message headers and assists in routing to the appropriate emergency service center (PSAP). In the area of lawful intercept, Net-Net OS 5.0 supports the ETSI TISPAN interfaces—X1_1 for target provisioning, X2 for call data delivery and X3 for call content delivery.

Collectively, these new features, combined with the extensive and robust set available in prior releases, enable service providers, large enterprises and contact centers to support new services and applications, extend service reach, ensure quality and control costs using a secure, trusted Acme Packet SBC solution.

	Security	Service reach	SLA assurance	Revenue & profit protection	Regulatory compliance
Security
SBC DoS protection - SIP registration restart avalanche protection	X		X
SBC DoS protection - TLS	X
SBC DoS protection - MGCP enhancements, on/off hook notify	X
SBC DoS protection - ARP queues and policing	X
IPSec scalability - 256,000 security associations (new network interface units, 1GB add-on memory)	X
SIP TLS scalability (1GB add-on memory)	X
SIP TLS session caching & reuse	X		X
SIP registration event package (RFC3680) security	X
SIP delayed media update	X
H.323 core signaling interface per IP PBX	X
IWF: privacy for IP PBX trunking	X
IWF: privacy extensions for untrusted networks	X
Signaling overload control - selective call SDP - anonymization	X
Signaling & media control
Multimedia (data, application, image, text) control	X	X	X
SIP header manipulation rules using regular expressions		X
SIPconnect for IP PBX		X
SIP IMS implicit service route		X
SIP/TCP NAT traversal - separate configurable registration interval		X
SIP INFO - RFC2833 DTMF interworking		X
SIP port mapping - AoR to core SIP/UDP ports		X
SIP random registered-contact (Japan TTC JJ-90.22)		X
SIP response maps - per SIP interface		X
SIP configurable timers - per SIP interface & realm		X	X
H.323 codec fallback - slow start to fast start		X
H.323 NOTIFY support		X
IWF: H.323 RAS failure codes - SIP failure code mapping		X
SDP - codec removal & reordering		X
Overload & admission control, load balancing & routing
Core signaling overload control - selective call rejection/diversion by phone number, IP address, domain	X		X	X	X
Admission control - policy server DIAMETER interface (ETSI TISPAN A-RACF Rq, 3GPP PDF Gq)			X
Admission control - policy server connection failure options			X
Admission control - emergency session overrides			X		X
Admission control - SIP interface, aggregate signaling constraints			X
Admission control - SIP user per realm, session and bandwidth limits	X		X	X
Admission control - SIP media release policies			X
Admission control - SDP RTP flows, encoding of public IP addresses  (PCMM)			X
Load balancing - automatic recursion within session agent group			X	X
H.323 RAS LRQ alternate routing			X
Emergency services
Admission control - location server DIAMETER interface (ETSI TISPAN NASS CLF e2)					X
Lawful intercept
LI ETSI X1_1, X2 & X3 interface support		X			X
LI complex call flow support - SS8 & Verint					X
LI configuration access control - administrator security	X				X
LI dynamic reconfiguration					X
LI target provisioning - SIP URI		X			X

About Acme Packet
Acme Packet, the leader in session border control solutions, enables the delivery of trusted, first class interactive communications—voice, video and multimedia sessions—across IP network borders. Our Net-Net family of session border controllers supports multiple applications in service provider, large enterprise and contact center networks— from VoIP trunking to hosted enterprise and residential services to fixed-mobile convergence. They satisfy critical security, service assurance and regulatory requirements in wireline, cable and wireless networks; support multiple protocols— SIP, H.323, MGCP/NCS and H.248; and support multiple border points—interconnect, access and data center. Our products have been selected by over 390 service providers in 77 countries, including 23 of the top 25, and 75 of the top 100 service providers in the world. For more information, contact us at +1 781.328.4400, or visit www.acmepacket.com.

Acme Packet Safe Harbor Statement
Statements contained herein that are not historical fact may be forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Such forward-looking statements may relate, among other things, to our position in the session border control market, our expected financial and operating results, our ability to establish and maintain intellectual property rights, our ability to build and grow Acme Packet, the benefits and advantages of our products, including any enhancements or new features, services and programs and our ability to achieve our goals, plans and objectives. Such forward-looking statements do not constitute guarantees of future performance and are subject to a variety of risks and uncertainties that could cause our actual results to differ materially from those anticipated. These include, but are not limited to: difficulties in growing our customer base, difficulties leveraging market opportunities, difficulties providing solutions that meet the needs of customers, poor product sales, long sales cycles, difficulty developing new products, difficulty in relationships with vendors and partners, higher risk in international operations, difficulty managing rapid growth, and increased competition. Additional factors that could cause actual results to differ materially form those projected or suggested in any forward-looking statements are contained in our recent filings with the Securities and Exchange Commission, including those factors discussed under the caption “Risk Factors” in such filings.

# # #