The SIP trunking enabler Solutions for SIP Trunking
The SIP trunking enabler Solutions for SIP Trunking
Benefits of Ingate SIP Trunking Products for Service Providers § Support for all SIP PBX’s in the market § Expansion of Service Provider market of opportunity § Service Provider Demarcation Point § Clear point of demarcation towards customer § Resolution of NAT traversal issues § Security and Control § Easy expansion to support Unified Communications § Ingate Element Management System § Efficient provisioning and monitoring
SIP Trunking and Beyond Core Functionality: § NAT/Firewall traversal § Interoperability between PBX and Service Provider Networks § Quality of Service (Qo. S)` § Security § Service Provider Demarcation Point An Ingate solution can also enable: § § Connecting remote users to the PBX Secure interoffice connection Wi. Fi mobile phone communication Multimedia communication
Benefits of SIP Trunking § § § Monthly cost savings Single network for all communications Lower cost of Moves, Adds and Changes Disaster Recovery / Business Continuity User provisioning First step in achieving Unified Communications § Voice, Video, IM, Presence, etc. § Remote workers § Wi. Fi mobile phone communication SIP is the future of Telecommunications
The Ingate Products Enabling General NAT/firewall Traversal for SIP Complete Firewalls Add-on to Existing Firewalls SIParator® Existing Firewall DMZ § Firewall & NAT/PAT § SIP Proxy § SIP Back to Back User Agent § SIP Registrar
The Ingate Family d gra le sib to SW s Po up Firewall® 1550 or SIParator® 55 Firewall® 1500 or SIParator® 50 Firewall® 1190 or SIParator® 19 e 300 Calls* 380 Mbit/s 75000 Packets/s 150 Calls* 330 Mbit/s 28500 Packets/s 50 Calls* 50 Mbit/s 4500 Packets/s *) Calls = Concurrent RTP Sessions = SIP Trunks Firewall® 1650 or SIParator® 65 Firewall® 1900 or SIParator® 90 650 Calls* 385 Mbit/s 125 000 Packets/s 1 500 Calls* 2 600 Mbit/s 230 000 Packets/s
Confirmed Interoperability IP-PBXs Service providers § 360 Networks §Airespring §AT&T §Band. Tel §Bandwidth. com §Broadvox §Cbeyond §Cellip §Cordia Corporation §Excel Switching §Gamma §Global Crossing §IP-Only § Juma Networks Ingate SIParator® -or. Ingate Firewall §Level 3 §Netlogic §Nexvortex §Nuvox §O 1 §Paetec §Primus §RNK Telecom SIP Trunk §TDC §Tele 2 §Toplink Compliant with §Vo. EX §Vo. IP Unlimited §Voxbone More in pipeline. . . Carrier Equipment §Acme Packet §Broadsoft §Nex. Point §Sonus §Sylantro See: www. siptrunk. org § 3 Com §Aastra §Digium / Asterisk §Avaya §Cisco Call Manager §Ericsson MX-One §Fonality §Innovaphone §Interactive Intelligence §Iwatsu §Microsoft §Mitel §NEC / Sphere §Nortel §Objectworld §SER §Shoretel §Siemens §SIP-Gear §Swyx More in pipeline. .
The Live IP Communication Problem of the Decennium A common Network and common Protocols changed our lives: SMTP gave us global email! HTTP gave us the WEB! IMS SIP is the Internet standard for Live IP Communication: The next step of Internet usage! Find each other and do something in real time. Telephony being just one application. However, SIP does not traverse the common NATs and firewalls* separating the LANs from the Internet . * Live IP Communication Requires: - Locate the person - Set up a session - Open real time media streams (SIP based) Internet email FW FW LAN web FW FW LAN
The Ingate SIP Architecture Firewall & NAT Router ü Dynamic NAT & Firewall Engine ü SIP Proxy Server, capable of routing to/from various address spaces (NAT) ü The routing SIP Proxy Server controls the media through the NAT & Firewall ü SIP Registrar for user location information SIP Proxy User Location
Extensive SIP Feature Set SIP Trunking Se r C vic om e pa Pro tib vid ilit e y r SIP Filtering Qo. S, Taffic Mgmt ENUM Support y BX ilit -P tib IP pa om C SIP Trunking Tool Set Flexible Control t Firewall & NAT Authentication SIP Proxy, ALG, B 2 BUA, Registrar se ol Near-End Traversal To Termination / Transcoding EM Encryption O IP Ba Cen ck tre up x Security Far-End NAT Traversal and STUN Sol. for Remote Workers SIP-ALG-only Firewalls can only do this much
IP-PBX Trunk Must Meet Service Provider Trunk PSTN SIP Trunking Provider Network. GW SIP System SIP Trunk 1) 2) 3) 4) 5) IPPBX Why may Ingate be required to connect a PBX? 1) NAT/Firewall Traversal – Must NAT to same address space! 2) Basic SIP and Network Interoperability - E. g. Authentication, Registrations, UDP/TLS/TCP, Dynamic IP address, etc. 3) SIP Repair - E. g. Call Transfer, Fragmented packets, Bugs, etc. 4) Features - E. g. Remote Users, Administration (remote and local) 5) Security - E. g. Will LAN be opened? Is the PBX designed to be public? 2) 3) 4) 5) SIP Trunk Interface Modern IP-PBXs are of this type. Media goes directly between phone and SIP Trunk. PBX with system phones IPPBX Few PBXs are of this type. Asterisk with firewall (IPtables /NETfilter) can be compiled and configured this way, but requires a lot. Vo. IP & Data LAN only PBX Type 1 Signaling: Media: PBX Type 1. 5 PBX Type 2
NAT/Firewall Traversal Problem when SIP Trunking over the Internet Public Internet SIP Trunking Provider SIP System GW PSTN SIP Trunking does not pass a SIP unaware NAT/firewall! IP-PBX Firew all …and the firewall cannot be opened enough to make it work because of NAT. Data LAN
With a SIP Trunk over the Internet, it is not really an option to just connect it to a Vo. IP LAN. Public Internet SIP Trunking Provider SIP System SIP Trunk Over the Internet IP-PBX Who will issue a public white IP addresses to every Phone? Firew all GW PSTN Severe Security Warning! No one wants the whole Voice LAN exposed to the Internet. Any extra firewall here needs to be SIP aware or widely open. Data LAN Vo. IP LAN ? ? No Soft or Multimedia Clients! UC?
Ingate Firewall® Creating a Common Data and Vo. IP LAN for SIP-Trunking over the Internet SIP Trunking Provider Public Internet Remote Users IP PBX SIP System PSTN GW SIP Trunk over Internet Firew all Ingate Firewall® Demarcation point and bringing SIP communication to the LAN Data & Vo. IP LAN with Qo. S Soft Clients and Multimedia Terminals
Ingate SIParator® Used with Existing Firewall for SIP Trunking Service over Internet Public Internet Remote Users IP-PBX SIP Trunking Provider SIP System GW PSTN SIP Trunk over Internet Firew all Ingate SIParator® Demarcation point and bringing SIP communication to the LAN Data & Vo. IP LAN Soft Clients and Multimedia Terminals
Managed SIP Trunk Connected to Separate Enterprise Vo. IP LAN in Operator’s Space SIP Trunking Provider Network GW Public Internet No Remote Users! IP-PBX Will Service Provider issue IP addresses to every Phone? PSTN SIP System Managed SIP Trunk Firew all Provider: Security Warning! Enterprise: Security Warning! Data LAN Vo. IP LAN ? ? No Soft or Multimedia Clients! UC?
Managed SIP Trunking with SBC Adapting SIP to NAT: ed Space of the Enterprise LAN SIP Trunking Provider Network GW Public Internet No Remote Users! IP-PBX PSTN SIP System Enterprise: Do we dare let the Service Provider have full access to our LAN? Managed SIP Trunk Firew all Other customers Vo. IP& Data LAN
Ingate SIParator® Used with Existing Firewall for Managed SIP Trunking Service Public Internet Remote Users IP-PBX SIP Trunking Provider Network GW PSTN SIP System Managed SIP Trunk Firew all Ingate SIParator® Demarcation point and SIP communication via both WAN pipes. Data & Vo. IP LAN Soft Clients and Multimedia Terminals
Ingate Firewall® Creating a Common Data and Vo. IP LAN for Managed SIP Trunking Service Public Internet Remote Users IP-PBX SIP Trunking Provider Network GW PSTN SIP System Managed SIP Trunk Ingate Firewall® Demarcation point and SIP communication via both WAN pipes. Data & Vo. IP LAN Soft Clients and Multimedia Terminals
SIP Trunking Over on a Dedicated Access, with a Central SBC doing Far End NAT Traversal through NAT/FW SIP Trunking Provider Network Public Internet PSTN SIP System Far end NAT traversal through NAT/FW by keep alive packets etc. from Operator SBC. No Remote Users! IP-PBX GW Firew all Custo m NAT/ er FW Dedicated access for Qo. S. Does not work with all NATs & Firewalls. No PBX SIP normalization. Vo. IP& Data LAN
Ingate SIParator® Used with Existing Firewall for Managed SIP Trunking Service Public Internet Remote Users IP-PBX SIP Trunking Provider Network GW SIP System Managed SIP Trunk Firew all PSTN No far end NAT traversal workaround required. Ingate SIParator® Demarcation point and SIP communication via both WAN pipes. Data & Vo. IP LAN
Ingate Firewall® Creating a Common Data and Vo. IP LAN for Managed SIP Trunking Service Public Internet Remote Users IP-PBX SIP Trunking Provider Network GW PSTN SIP System Managed SIP Trunk No far end NAT traversal workaround required. Ingate Firewall® Demarcation point and SIP communication via both WAN pipes. Data & Vo. IP LAN
SIP Trunking Over a Dedicated or Internet Access, with a Central SBC doing Far End NAT Traversal through CPE NAT Public Internet SIP Trunking Provider Network GW SIP System No Remote Users! IP-PBX Firew all ADSL NAT R outer PSTN Far end NAT traversal through CPE router by keep alive packets etc. from Operator SBC. Dedicated access for Qo. S. Does not work with all NATs & Firewalls. No PBX SIP normalization. Vo. IP& Data LAN
SIP Trunking Over on an Internet Access, using an Ingate/Intertex CPE (Firewall/SIParator) with ADSL Public Internet Remote Users IP-PBX SIP Trunking Provider Network GW Separate Internet data access is optional. Combined Data Fi&re. Vo. IP wall Service with Qo. S possible. SIP System PSTN No far end NAT traversal workaround required. A with DSL F E-S W BC ADSL 2+ Annex A/B/M Built in E-SBC with SIP NAT/Firewall Traversal, Qo. S and SIP normalization. Vo. IP & Data LAN
Two Ways to Provide a SIP Trunk Over a Managed Line Over the Public Internet PSTN SIP Trunking Provider Network. GW Public Internet SIP System PSTN Managed SIP Trunk IPPBX Firew all Data & Vo. IP LAN SIP Trunking Provider Network. GW Public Internet SIP System SIP Trunk over Internet IPPBX Firew all Data & Vo. IP LAN
SIP Trunking plug-and-play Step 1 – Address provisioning A. Connect Your Ingate according to the picture B. Type MAC address and IP address of the Ingate unit. D. Press Next and the tool will automatically provide an IP address to the Ingate. C. Select a password. No password is set default. E. When done the SIP Trunking tool can be launched. Status information
SIP Trunking plug-and-play A. Select ITSP from drop down menu and provide necessary account information Step 2 – Trunking configuration B. Select IP PBX brand & IP address on your internal network. C. Select SIParator type (only available for SIParators). D. DNS servers to use. Optional E. Optional to add and remove prefixes. F. Configure external interface using DHCP or static IP G. Configure netmask for the internal network H. When done, the tool will generate a configuration based on your input and you will automatically be redirected to the Ingate and only need to apply the configuration and you are done!
Please contact me at any time: Steve Johnson President Mail & SIP: steve@ingate. com Mobile: 1 -603 -557 -7918 Direct: 1 -603 -883 -6569
- Slides: 28
