* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download IP PBX - AudioCodes
Survey
Document related concepts
Wireless security wikipedia , lookup
Computer network wikipedia , lookup
Multiprotocol Label Switching wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Distributed firewall wikipedia , lookup
Deep packet inspection wikipedia , lookup
UniPro protocol stack wikipedia , lookup
Wake-on-LAN wikipedia , lookup
SIP extensions for the IP Multimedia Subsystem wikipedia , lookup
Transcript
TM Mediant 1000 Multi Service Business Gateway Product Presentation May 2009 © 2006 AudioCodes Ltd. All rights reserved. AudioCodes Confidential Proprietary Presentation Topics MSBG Concept Mediant 1000 MSBG System Overview MSBG Functionality and Features Presentation Topics MSBG Concept Mediant 1000 MSBG System Overview MSBG Functionality and Features Today’s Converged Small-Medium Enterprise PBX Corporate LAN WAN Router PSTN Firewall SBC WAN Access VoIP Gateway Multiple Vendors to deal with Collection of Devices Cumbersome IT staff training Separate Management methodologies No distinct demarcation point High CAPEX High OPEX The Solution: Multi-Service Business Gateway PBX Corporate LAN WAN SBC Router Firewall Access Media Gateway 3rd Party IP-PBX on OSN IP PBX Corporate LAN WAN AudioCodes MSBG Offer • Leverages AudioCodes best of bread Media Gateway technology • Implement Session Border Controller (SBC) based on AudioCodes SBC technology • Add full-featured Enterprise-Class LAN Switching, Routing, Advanced QoS, Firewall and WAN access • Embedded integration of 3rd party IP-PBX hosted applications • Enhanced Media Processing functionality Presentation Topics MSBG Concept Mediant 1000 MSBG System Overview MSBG Functionality and Features Field Proven Design and Functionality • Mediant 1000 MSBG inherited the field proven design of the Mediant 1000 • Reuse of Hardware and Media Gateway software stack Mediant 1000 MSBG – Front View (1) • Scalable and cost-effective , 1U (“pizza-box”) chassis • All voice modules are hot swappable • Up to 6 I/O modules for analog and digital PSTN interfaces • Supports 1, 2, or 4 E1/T1/J1 trunk spans • Up to 24 analog ports FXS/FXO, each module with up to 4 ports and up to 6 analog modules • Up to 20 BRI ports, each module with 4 ports per module, and up to 5 modules per chassis Hardware Profile – Front View (2) • Single or Dual AC Power Supply • CRMX Module with Dual Processors • Media Processing Modules for IP2IP and Conferencing off loading Mediant 1000 MSBG – Rear View (1) • Open Solution Network (OSN) Server for 3rd Party solutions • Hard Disk CRMX Module • The Mediant 1000 MSBG introduces a new RMX module • Dual Processors – Processor for Data Networking – Processor for VoIP services – Dual processors design is optimized for best performance • 3 port 10/100/1000Base-T LAN Switch • Integrated Mezzanine for various WAN access interfaces LAN Switch – 10/100/1000Base-T Copper – Roadmap: 1000BaseSX/LX, T1 and ADSL2+ and SHDSL WAN Access Presentation Topics MSBG Concept Mediant 1000 MSBG System Overview MSBG Functionality and Features MSBG Functionality LAN Switching Data Routing Data Security MSBG Media Gateway VoIP SAS SBC MSBG Data Functionality LAN Switching Data Routing Data Security MSBG Media Gateway VoIP SAS SBC MSBG LAN Switching Functionality • CRMX supports on-board 3 10/100/1000Base-T LAN switch ports with nonblocking switching performance • Port-based VLANs supporting 802.1Q access and trunk ports • Supports 802.1p/ToS/Diffserve QoS • High performance lookup engine with support for up to 1024 MAC addresses MSBG Routing Functionality • – OSPFv2 – RFC 2328 Dynamic Host Configuration Protocol – BGPv4 – RFC 1771, RFC 2858 – DHCP server, DHCP Relay and DHCP – BGP Extended Community Client Attribute for BGP/MPLS VPNs – DHCP Server supports fixed binding of – Policy-based Routing (e.g. DSCP- IP to MAC address • based, BGP Policy Routing) Multiple IP interfaces for LAN/WAN routing – IP interfaces assignment to different VLANs • Routing – Static Routing – RIPv1 – RFC 1058 – RIPv2 – RFC 2453 • Network Address translation • WAN access via PPPoE, PPTP, L2TP, DHCP MSBG Quality of Service Architecture The INTERNET The ACCESS The MSBG The LAN SIP Server PBX Web Server Internet Email Server Access Network MSBG Other CE 802.1p Prioritization Diffserv – MAC, IP, DSCP/ToS, port and application-based Classification, Marking and Queuing Traffic Shaping WAN Rate Limiting TCP Serialization Reduction BW Reservation Class-Based Queuing (CBQ) for VoIP Prioritization over Data LAN WAN MSBG allows dynamic BW allocation with automatic ALG SIP VoIP classification and Priority while keeping WAN fully utilized WAN Link Throughput 1 Data traffic consumes WAN fractionally 4 2 Data traffic may consume more BW, while being shaped by MSBG at MAX WAN Link throughput 3 MSBG polices Data traffic due to higher priority VoIP VoIP sessions terminates freeing the WAN for Data traffic VoIP BW is guaranteed MSBG Data Security Architecture The INTERNET The ACCESS The MSBG The LAN VPN Teleworker Web Server Internet MSBG Email Server SME/SMB VPN Router Other CE SPI F.W with ALG Port Forwarding and DMZ support for Intranet Servers/Hosts Web Site Restriction NAPT/NAT Services VPN – Site-to-Site(IPSec), Teleworker VPN(PPTP, L2TP, IPSec) Application Level Gateway (ALG) • ALG allows Application Recognition intelligence to feed F.W and QoS functions for optimized, configuration-free performance: • FTP • MIRC • ICMP • AOL IM • SQLNet • ICQ • NETBios • Net2Phone • TFTP • MSFT IM • DNS • Windows messenger • Video • Yahoo IM • IPSec ESP (IPsec client ) • IKE • Skype • – Quick Time, Real Player – H.323 – Net Meeting SIP MSBG Functionality LAN Switching Data Routing Data Security MSBG Media Gateway VoIP SAS SBC MSBG SIP Media Gateway (1) • Uses Mediant 1000 most advanced and mature SIP implementation • Latest SIP version, RFC 3261 and IETF drafts • RTP and SRTP (with SDP Security – RFC 4568) • Lifeline switching in case of power failure and optional PSTN fallback or alternative routing in case of network failure – On Analog and Digital interfaces • Supports optional Media Processing Module – Up to 20 conference legs – Recording, playing and tone detection AudioCodes SAS • Continuous VoIP service for IP phones, IP-Centrex and distributed IP-PBX networks PSTN 1 4 Enterprise LAN 2 WAN IP Network 3 SIP Signaling Soft Switch Health SIP Check IP2IP Calls in Emergency Mode IP to PSTN Calls in Emergency Mode Soft Switch/ IP-PBX AudioCodes MSBG SBC (1) • The MSBG SBC is an intermediate SIP session controlling entity focused on SME/SMB requirements • MSBG SBC works in a B2BUA mode • Controlling SIP Services between Enterprise LAN and SP WAN networks • Used for connecting different SIP applications\IP-PBXs SBC AudioCodes MSBG SBC (2) • MSBG SBC Features: Transcoding and Mediation Admission Control SIP Normalization NAT Traversal Survivability Topology Hiding DoS Protection VoIP SPI Firewall SIP Routing NAT Traversal (1) • Basic NAT Traversal (e.g. ITSPs with Globally Unique IP) – Allowing LAN to WAN VoIP Signaling and Bearer by using two independent legs VoIP VPN Enterprise LAN TDM Transport MPLS VPN Backbone ITSP Soft Switch IP PBX SIP Trunk NAT Traversal (2) • Far End Users (FEU) and UA behind a NAT in the WAN – Managing dynamic DB according to FEU Registrations – Maintaining remote NAT binding state, by setting frequent Registration refreshments • Offloading FEU refresh Registrations from the LAN IP PBX – First Incoming RTP Packet is used to overcome bearer NAT Traversal Enterprise NAT 1 3 Enterprise LAN 2 Enterprise VPN MPLS VPN Backbone FEU registers in MSBG DB Offloading FAU Registrations from IP PBX IP PBX NAT Binding Refresh FEU VOIP Firewall and security • Layer 3 firewall – out of the Data/Routing functionality of the MSBG • SIP Signaling – Deep and stateful packet inspection of all SIP Signaling packets – Each SIP dialog initiation may be accepted\ rejected according to the values of the incoming SIP message and other layer 3 characteristics • SIP TLS provides for Authentication as well – Packets not belonging to a valid SIP dialog are discarded • RTP – – – – Opening pin holes according to offer answer negotiation Deep packet inspection of all RTP packets Late rouge detection Broken connection • Black / White lists – for both Layer 3 FW and SIP Classification