Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Net neutrality law wikipedia , lookup
Wireless security wikipedia , lookup
Computer security wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Deep packet inspection wikipedia , lookup
Distributed firewall wikipedia , lookup
SIP extensions for the IP Multimedia Subsystem wikipedia , lookup
The Need for Enterprise Session Border Controller The E-SBC allows the enterprise to control its SIP implementation ® The Ingate SIParator 1 Why does the Enterprise need an SBC? Normalization of the SIP signaling NAT and Firewall traversal Eliminate single points of failure Quality of Service • Protect against Denial of Service attacks Disaster recovery Reduce opportunity for theft of services Intrusion Prevention / Detection Avoid delivery of mal-formed packets Control through authentication • To enable SIP to the enterprise To permit placement of the PBX behind the firewall Security through deep packet inspection To insure interoperability with the service provider To deliver the highest quality voice Performance metrics Encryption for private communications Two Ways to Connect to a SIP Trunk Over a Managed Line Over the Public Internet PSTN PSTN Public Internet SIP Trunking Provider Network SIP System Public Internet SIP Trunking Provider Network SIP System SIP Trunk over Internet Managed SIP Trunk IPPBX IPPBX Data & VoIP LAN Data & VoIP LAN Confirmed Interoperability Service providers 360 Networks Airespring AT&T BandTel Bandwidth.com Bell Canada Broadvox Cablevision Cbeyond Cellip Cordia Deltacom Excel Gamma Global Crossing IP-Only Nectar Level 3 Netlogic NetSolutions Nexvortex Nuvox OneCommunications Paetec Primus Qwest RNK Telecom Skype SoTel TDC Tele2 Toplink Verizon VoEX VoIP Unlimited Windstream Voxbone More in pipeline..... Ingate SIParator® -orIngate Firewall SIP Trunk Compliant with Carrier Equipment Acme Packet Broadsoft GenBand Sonus IP-PBXs Aastra Aastra MX-One Adtran Netvanta UC Avaya CM & SM Cisco Call Manager Digium / Asterisk Fonality HP VCX Innovaphone Interactive Intelligence Iwatsu Microsoft OCS 2007 Mitel NEC / Sphere Nortel BCM / SCS / CS1K Panasonic SER Shoretel Siemens SIP-Gear Swyx NAT and Firewall Traversal Problem Public Internet SIP Trunking Provider PSTN SIP System SIP Trunking does not pass a SIP unaware NAT/firewall! IP-PBX … and the firewall cannot even be opened enough to make it work. Data LAN E-SBC Functions Ingate SIP Proxy SIP Proxy/Registrar SIP Signaling 168.x.xx 10.x.xx Media IP-Phone ITSP 1.Check the SIP signaling, packet inspection -Full flexibility to handle future threats 2.Rewrite for the different address spaces 3.Forward the signaling to the correct SIP proxy or client 4.Open ports (UDP/TCP) in the firewall for the media -Only for the duration of the call -Only between the exact endpoints 5.Media flows through the ports 6.Close ports after the call DOS Protection Dynamically allow authenticated users Mobile user Spammer IP-PBX Internet ITSP Block non authenticated users Monitor traffic and block end-points with a un-normal behavior Encryption • Encrypted SIP signalling – Support for TLS • Encrypted media – Support for SRTP (Sdescriptions) Termination , Pass through or Transcoding IP-Phone TLS TLS In Inthe the clear clear SRTP SRTP RTP SRTP __SRTP__ Ingate Firewall or SIParator IP-PBX / SIP Server Extensive SIP Feature Set Far-End NAT Traversal and STUN Sol. for Remote Workers Encryption Security SIP Filtering SIP Proxy, ALG, B2BUA, Registrar Firewall & NAT Flexible Control SIP Trunking Tool Set SIP Trunking ENUM Support Near-End Traversal Authentication Taffic QoS, Mgmt Termination / Transcoding SIP-ALG-only Firewalls can only do this much Network Installation Options Why does the Enterprise need an SBC? Eliminate interoperability issues Resolve NAT traversal through the firewall Security Place the PBX in the private IP space Authenticate to prevent theft of services Protect against Denial of Service attacks Eliminate single points of failure Manage bandwidth for optimal voice experience Measure quality of the voice Encryption of Signaling and Media for privacy Please contact me at any time: Steve Johnson President Mail & SIP: [email protected] Direct: 1-603-883-6569