1d4bde89767220db2086956f1cc77e78.ppt
- Number of slides: 17

SIP trunk Problems & Solutions
ShoreTel & INGATE Siparator
Jerome Joanny, Sr Product Manager - ShoreTel
Enterprise Pure IP Telephony Solutions
ShoreTel CONFIDENTIAL (c) ShoreTel, Inc. 2007 -- ALL RIGHTS RESERVED

SIP Trunk - What are the advantages?
• Lower recurring costs from the carrier
• Flexible calling plans – bundled minutes, no long distance charges
• More feature offering – virtual numbers
• Deployment flexibility
  – Incremental provisioning vs. block provisioning
  – Self serve portals – buy services without meeting your rep
  – Quicker increments – no waiting for a truck roll
• Dual use of data pipe, voice and data
[Diagram labels: Company A, Calls, Data, IP Cloud]

SIP trunking problems
• NAT traversal for SIP
  – NAT resides at L3/L4
  – SIP at L7
  – NAT processing “breaks” SIP addressing
• Network & SIP communication security
  – Physical medium is the IP pipe
  – Firewalls control what goes in or out of that pipe
• SIP protocol normalization & translation
  – Not all SIP implementations are created equal … and compatible
  – Open standard … open to interpretations

The ‘NAT’ and SIP Story
• The details of port and private IP address are encapsulated in the SIP header message
• Application layer messages contain information that isn’t relevant outside of the enterprise network
SIP Header
  Invite
  From: 192.168.1.
  To: 65.73.1.34:5060
[Diagram labels: Company A, Client A, Client B, Client Y; IP 192.168.1.55, IP 192.168.1.57; Public IP 64.72.1.31, Public IP 65.73.1.34, Public IP 66.63.1.23]

Network & SIP security issues
• SIP trunks use IP infrastructure
• IP networks are ‘protected domains’ connected by untrusted ‘public’ connections.
• A reliable method is required that allows communication between domains protected by firewalls
Firewalls block the prime function of a trunk – allowing systems from different enterprises to connect
[Diagram labels: Company A, Firewall (“Ouch!”), Carrier SIP Trunk Cloud, Firewall (“Ouch!”), Company B]

The SIP Normalization situation
Bob (972-678-0464): “Hi John! May I speak with Jane?”
John (603-883-6569, ShoreTel): “Sure! I will transfer you to Jane”
John: ‘REFER’ to Jane (603-883-6580)
ALG: “Call-ID: X? REFER? 603-883-6580@shoretel.com What's that?”
[Diagram labels: IP 168.203.30.11, Jane 603-883-6580]

ShoreTel & Ingate: delivering a solution that works!
• Solve SIP firewall and NAT traversal issues with a consistent solution
  – NAT traversal problems are the source of 90% of initial setup issues
• Ensure customers can keep total ownership of network security when SIP is introduced
• Provide SIP normalization if/when required
• Provide partners and customers validated ‘end to end’ multi-vendor solutions in the SIP ‘plug and pray’ era

INGATE Siparator addressing the NAT issue
For calls to route successfully, internal IP addresses have to be re-written
The SBC handles the Network Address Translation (NAT)
[Diagram labels: 603-883-6569, ShoreTel, IP 10.200.16; Firewall, IP 168.203.30.11; 972-678-0464]
[Message labels: To: 972-678-0464@IP 168.105.45.19; From: 603-883-6569@10.200.16]
[Address re-write labels: IP 168.203.30.11; To/URI: 972-678-0464@IP 168.105.45.19; account@provider.com; From: 603-883-6569@10.200.16]

ITSPs can’t reach the IPBX in the LAN
Service provider can only address the known public IP address of the enterprise
For calls to route successfully, IP addresses have to be re-written
The SBC again handles the Network Address Translation (NAT)
[Diagram labels: 603-883-6569, ShoreTel, IP 10.200.16; Firewall, IP 168.203.30.11; 972-678-0464]
[Message labels: From: 972-678-0464@IP 168.203.30.11; To: 603-883-6569@168.105.45.19]
[Address re-write labels: To/URI: 603-883-6569@168.105.45.19; IP 10.200.16; IP 168.105.45.19]
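
Added example (not from the ShoreTel or Ingate material): it shows which parts of a SIP message carry the private address that a plain L3/L4 NAT leaves untouched, and what the address re-write on the two slides above has to cover, including the SDP body and Content-Length. All addresses, extensions and function names are constructed for illustration; a real SBC does this as a B2BUA, not by string substitution.

```python
import ipaddress
import re

# RFC 1918 ranges: addresses that are meaningless outside the enterprise LAN.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample: INVITE as a PBX on the LAN would emit it (values made up).
SDP = "\r\n".join([
    "v=0", "o=pbx 1 1 IN IP4 10.0.0.5", "s=-",
    "c=IN IP4 10.0.0.5", "t=0 0", "m=audio 10000 RTP/AVP 0",
]) + "\r\n"
INVITE = "\r\n".join([
    "INVITE sip:2002@198.51.100.20 SIP/2.0",
    "Via: SIP/2.0/UDP 10.0.0.5:5060;branch=z9hG4bK776asdhds",
    "From: <sip:1001@10.0.0.5>;tag=1928301774",
    "To: <sip:2002@198.51.100.20>",
    "Call-ID: a84b4c76e66710",
    "CSeq: 1 INVITE",
    "Contact: <sip:1001@10.0.0.5:5060>",
    "Content-Type: application/sdp",
    f"Content-Length: {len(SDP)}",
]) + "\r\n\r\n" + SDP


def private_addresses(msg):
    """Return the RFC 1918 addresses that appear anywhere in a SIP message."""
    found = set()
    for text in IPV4.findall(msg):
        try:
            ip = ipaddress.ip_address(text)
        except ValueError:  # e.g. an octet above 255
            continue
        if any(ip in net for net in RFC1918):
            found.add(text)
    return sorted(found)


def rewrite(msg, old_ip, new_ip):
    """Swap old_ip for new_ip in headers and SDP, then fix Content-Length."""
    head, _, body = msg.partition("\r\n\r\n")
    pat = re.compile(r"(?<![\d.])" + re.escape(old_ip) + r"(?![\d.])")
    head, body = pat.sub(new_ip, head), pat.sub(new_ip, body)
    # The body grew, so the old Content-Length would truncate the SDP.
    head = re.sub(r"(?im)^Content-Length:[^\r\n]*",
                  f"Content-Length: {len(body.encode())}", head)
    return head + "\r\n\r\n" + body
```

Running `private_addresses()` on traffic captured on the public side of the firewall is a quick check that nothing from the LAN is still leaking into Via, Contact or the SDP `c=` line.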

How does the Siparator help?
No Need to Replace the Existing Firewall!
• SIP-enables any firewall
• It works with existing firewalls
• Dynamically manages ports needed for SIP:
  - SIP signaling port 5060
  - Range of UDP/TCP ports
• Provides a B2BUA & SIP Proxy
[Diagram labels: Normal Firewalls, Siparator, DMZ]

The ITSP SIP transfer problem
B2BUA handles the “REFER” SIP method locally and a new media stream is set up to Jane
ITSP sees a RE-INVITE with the same Call ID
Bob (972-678-0464): “Hi John! May I speak with Jane?”
John (603-883-6569, ShoreTel): “Sure! I will transfer you to Jane”
John: REFER to Jane (603-883-6580)
[Diagram labels: ALG “Call-ID: X?”; Call-ID: Y; IP 168.203.30.11; DMZ; Re-INVITE; SBC with B2BUA]
*) The REFER SIP method

ShoreTel’s philosophy on integration
• Provide partners and customers with validated ‘end to end’ multi-vendor solutions in the SIP ‘plug and pray’ era
  – Making it all work together can be as complex as solving a third order differential equation
  – Allow partners to work with ‘known entities’
• Solve SIP firewall and NAT traversal issues with a consistent solution
  – Allow support to be clear on the components of the solution and isolate problems easily

Summary
• SIP trunking works
• The ‘solution’ is about more than just connectivity
• There are many flavors of SIP out there
  – Be sure you only use those validated as working together

Backup

SIP Trunks Misconceptions
• They must be the same as it says ‘trunk’
• They are IP so they require less HW
• They are cheaper – really?
  – Depends on what you’re counting
• You can just connect directly
  – Security? – What’s that?
[Diagram labels: Call 408 348 8545, SIP Trunk, Carrier SIP Trunk Cloud, Company A]

Template page
• Single image system with best in class
[Diagram labels: Carrier SIP Trunk Cloud, Company A, Company B]

• Each device has its own private IP address.
[Diagram labels: Company A, Client A, Client B, Client X, Client Y; IP 192.168.1.1, IP 192.168.1.55, IP 192.168.1.56, IP 192.168.1.57; Public IP 64.72.1.31, Public IP 65.73.1.33, Public IP 66.63.1.23]
[Packet labels: From: 64.72.1.31:2000; To: 65.73.1.33:80]