Editing IP Multimedia Subsystem (section)

====Call Session Control Function (CSCF) ====
Several roles of SIP servers or proxies, collectively called Call Session Control Function (CSCF), are used to process SIP signaling packets in the IMS.

* A ''Proxy-CSCF'' (P-CSCF) is a [[SIP proxy]] that is the first point of contact for the IMS terminal. It can be located either in the visited network (in full IMS networks) or in the home network (when the visited network is not IMS compliant yet). Some networks may use a [[Session Border Controller]] (SBC) for this function. The P-CSCF is at its core a specialized SBC for the [[User–network interface]] which not only protects the network, but also the IMS terminal. The use of an additional SBC between the IMS terminal and the P-CSCF is unnecessary and infeasible due to the signaling being encrypted on this leg. The terminal discovers its P-CSCF with either [[Dynamic Host Configuration Protocol|DHCP]], or it may be configured (e.g. during initial provisioning or via a 3GPP IMS Management Object (MO)) or in the [[IP Multimedia Services Identity Module|ISIM]] or assigned in the [[PDP Context]] (in [[General Packet Radio Service]] (GPRS)).
** It is assigned to an IMS terminal before registration, and does not change for the duration of the registration.
** It sits on the path of all signaling, and can inspect every signal; the IMS terminal must ignore any other unencrypted signaling.
** It provides subscriber authentication and may establish an [[IPsec]] or [[Transport Layer Security|TLS]] security association with the IMS terminal. This prevents [[spoofing attack]]s and [[replay attack]]s and protects the privacy of the subscriber.
** It inspects the signaling and ensures that the IMS terminals do not misbehave (e.g. change normal signaling routes, disobey home network's routing policy).
** It can compress and decompress SIP messages using [[SigComp]], which reduces the round-trip over slow radio links.
** It may include a Policy Decision Function (PDF), which authorizes media plane resources e.g., [[quality of service]] (QoS) over the media plane. It is used for policy control, bandwidth management, etc. The PDF can also be a separate function.
** It also generates charging records.
* An ''Interrogating-CSCF'' (I-CSCF) is another SIP function located at the edge of an administrative domain. Its IP address is published in the [[Domain Name System]] (DNS) of the domain (using [[NAPTR]] and [[SRV record|SRV]] type of DNS records), so that remote servers can find it, and use it as a forwarding point (e.g., registering) for SIP packets to this domain.
** it queries the HSS to retrieve the address of the S-CSCF and assign it to a user performing SIP registration
** it also forwards SIP request or response to the S-CSCF
** Up to Release 6 it can also be used to hide the internal network from the outside world (encrypting parts of the SIP message), in which case it's called a ''Topology Hiding Inter-network Gateway'' (THIG). From Release 7 onwards this "entry point" function is removed from the I-CSCF and is now part of the ''Interconnection Border Control Function'' (IBCF). The IBCF is used as gateway to external networks, and provides [[Network address translation|NAT]] and [[Firewall (networking)|firewall]] functions ([[Firewall pinhole|pinholing]]). The IBCF is a [[session border controller]] specialized for the [[network-to-network interface]] (NNI).
* A ''Serving-CSCF'' (S-CSCF) is the central node of the signaling plane. It is a SIP server, but performs session control too. It is always located in the home network. It uses Diameter Cx and Dx interfaces to the HSS to download user profiles and upload user-to-S-CSCF associations (the user profile is only cached locally for processing reasons and is not changed). All necessary subscriber profile information is loaded from the HSS.
** it handles SIP registrations, which allows it to bind the user location (e.g., the [[IP address]] of the terminal) and the SIP address
** it sits on the path of all signaling messages of the locally registered users, and can inspect every message
** it decides to which application server(s) the SIP message will be forwarded, in order to provide their services
** it provides routing services, typically using [[Electronic Numbering]] (ENUM) lookups
** it enforces the policy of the network operator
** there can be multiple S-CSCFs in the network for [[load distribution]] and [[high availability]] reasons. It's the HSS that assigns the S-CSCF to a user, when it's queried by the I-CSCF. There are multiple options for this purpose, including a mandatory/optional capabilities to be matched between subscribers and S-CSCFs.