burkett sura

Information about burkett sura

Published on January 4, 2008

Author: Cinderella

Source: authorstream.com

Content

Slide1:  Calling Across The Boundaries Mike Burkett, VP Products [email protected] April 25, 2002 Why should you care about NATs and Firewalls?:  Why should you care about NATs and Firewalls? Network Address Translation (NAT) and Firewalls will block your IP voice and video calls. What is NAT?:  What is NAT? Network Address Translation Allows multiple users/devices to share a single public internet address Implemented within the router Think of it like a PBX with a public trunk number and private extensions for IP networks Shared Public Address 64.121.30.1 What is a Firewall?:  What is a Firewall? Separates and “Protects” the Private Network from the outside world. Examines every packet that goes in to or out from the enterprise. Typically blocks all unsolicited inbound packets Think of a mail room clerk filtering your inbound and outbound mail Outside World Private Network Unsolicited Disallowed Why H.323 & SIP Don’t Work…:  Why H.323 & SIP Don’t Work… With firewalls Require inbound connections for inbound calls Each call requires multiple TCP and UDP connections to random ports With NATs Private addresses hidden from the outside network – means no inbound calling Outbound calling endpoints request media sent to their private address – means one way video/audio The Imaginary IP World:  The Imaginary IP World No Firewalls No NAT No Security All public IP Addresses All Calls Successful Not the real world! Bob 64.123.31.15 Susan 34.58.15.21 Tom 216.115.109.7 Branch Office 208.45.133.21 Teleworker 24.30.203.101 Corporate 207.46.230.5 Today’s Real IP Video World:  Today’s Real IP Video World WAN WAN Bob 10.2.1.5 Susan 192.168.0.107 Tom 192.168.0.108 Teleworker 10.100.5.4 Corporate 10.1.1.25 Branch Office 172.16.31.13 Firewall/NAT at the edge of the corporate network NAT or Firewall hidden in the network Firewalls & NAT: Where?:  Firewalls & NAT: Where? Deployed Everywhere: Corporate Networks Home Networks Individual PCs And Hidden In the Net Anywhere someone wants to Share a connection Protect a network WAN What choices do you have?:  What choices do you have? Bypass Public Endpoints Private Network Gateway MCU Replace Upgrade Hardware Infrastructure Traverse Use Ridgeway Software Bypass: Public Endpoints:  Bypass: Public Endpoints How Give the endpoints public IP addresses Move them outside the firewall Benefits May be lowest capital cost? Issues Requires Dedicated Public IP Addresses Removes Protection of Firewall Not easily scalable Cannot overcome network based NAT/FW WAN Bypass: Private Network:  Bypass: Private Network How Establish Virtual Private Network (VPN), usually via Firewall configuration Benefits Works for Intra-Company communications May already be in place Issues Not for inter-enterprise communications Requires configuration at every location May have performance impacts – increased delay Some VPNs won’t handle NAT WAN Bypass: PSTN/ISDN Gateway:  Bypass: PSTN/ISDN Gateway How Gateway to PSTN or ISDN at edge of network Benefits May already be in place for calling “off-net” Issues Loses benefits of the pure IP solution Doesn’t solve problem for the mobile IP endpoint IP WAN PSTN/ ISDN Bypass: MCU:  Bypass: MCU How Deploy MCU with two network interfaces, one inside & one outside of firewall/NAT Benefits Natural extension for existing MCU deployments Issues Can be expensive solution; not appropriate for SOHO or consumer deployment Localized solution, needs to be deployed at every NAT/FW Cannot overcome network based NAT/FW WAN Replace: Upgrade Infrastructure:  Replace: Upgrade Infrastructure How Upgrade firewalls and routers with Application Level Gateway (ALG) Benefits Brand name solutions? Issues This means changes to mission critical network components for the enterprise network Fix every NAT & Firewall for every protocol Unreachable: Physically, Politically, or Intellectually? Cannot overcome network based NAT/FW WAN Traverse: Ridgeway:  Host Network Guest Network Guest Network DMZ Proxy/Registrar/GK WAN Traverse: Ridgeway How Place single server at “reachable address” Download software client for any “guest network” Benefits No upgrade for existing mission critical components Handles any number of NATs & Firewalls, even network based Handles SIP or H.323 Compatible with your existing infrastructure Voice and Video Mobile solution Download-and-Call means no waiting to call into a new location The Ridgeway Method:  The Ridgeway Method Ridgeway (RW) Clients connect to the RW Server Outbound Fixed ports: 2776/2777 RW Server/Clients “proxy” the GK so it appears at the RW Client Endpoints set RW Client as their GK and register and then appear as a ports on the RW Server Behind the scenes: All TCP traffic goes over the pre-established TCP connection As UDP streams are needed the RW client pushes a stream out to the server that the server can use for return traffic (outbound, fixed ports) From endpoint perspective, calls proceed as usual Host Network Guest Network DMZ Proxy/Registrar/GK WAN Ridgeway Client IP Freedom Server Ridgeway Client More On Ridgeway Traversal:  More On Ridgeway Traversal Commercially deployed today in both enterprise and service provider environments One server for multiple endpoints & networks No upgrade to existing NAT/FW or endpoints No open inbound firewall ports No charge for client Upgrade server capacity instantly Add-on for VPN & PSTN gateway solutions Summary:  Summary Firewalls & NATs are everywhere Firewalls & NATs block IP Voice & Video Solution Choices: Bypass, Replace, Traverse Traversal: Don’t mess with your critical components Treat the network like a black box Download and call today! Free trial www.ridgewaysystems.com http://www.vide.net/vpz/firewalls.html

Related presentations


Other presentations created by Cinderella

Interactions of Life Communities
01. 01. 2008
0 views

Interactions of Life Communities

MDTherapySpEd Grant
23. 11. 2007
0 views

MDTherapySpEd Grant

MRB cables jan 4 2005
28. 11. 2007
0 views

MRB cables jan 4 2005

Panel for Down Syndrome
29. 11. 2007
0 views

Panel for Down Syndrome

Standardized Recipes
05. 12. 2007
0 views

Standardized Recipes

88 Zhao
29. 10. 2007
0 views

88 Zhao

TMTAstrometry
05. 11. 2007
0 views

TMTAstrometry

Jesus 1 The Word Was God
01. 10. 2007
0 views

Jesus 1 The Word Was God

Chapter 08
12. 11. 2007
0 views

Chapter 08

kotake
14. 11. 2007
0 views

kotake

Analytical Thinking
19. 11. 2007
0 views

Analytical Thinking

BESFranz02 28 02
18. 12. 2007
0 views

BESFranz02 28 02

6 communism and cold war
19. 12. 2007
0 views

6 communism and cold war

HSTeventsweb
05. 11. 2007
0 views

HSTeventsweb

Science and Christianity
23. 12. 2007
0 views

Science and Christianity

grouppresentation
25. 12. 2007
0 views

grouppresentation

Health Politics Case 5 Maioni
31. 12. 2007
0 views

Health Politics Case 5 Maioni

Womens political
07. 01. 2008
0 views

Womens political

01 overview
15. 11. 2007
0 views

01 overview

Project Eastwood
05. 11. 2007
0 views

Project Eastwood

post ww ii presidents
28. 12. 2007
0 views

post ww ii presidents

noble
12. 12. 2007
0 views

noble

gmcase
24. 02. 2008
0 views

gmcase

Nov2001 BorsesD MPEG7
27. 02. 2008
0 views

Nov2001 BorsesD MPEG7

news 20071122225647
05. 03. 2008
0 views

news 20071122225647

presentation koch Friesen2004b
11. 03. 2008
0 views

presentation koch Friesen2004b

GTL Presentation V1 5
14. 03. 2008
0 views

GTL Presentation V1 5

itu id16112004
27. 03. 2008
0 views

itu id16112004

wp 18 e
30. 03. 2008
0 views

wp 18 e

Economic Update AFIAA May2007
13. 04. 2008
0 views

Economic Update AFIAA May2007

CGF98 talk
07. 11. 2007
0 views

CGF98 talk

noutati
10. 12. 2007
0 views

noutati

powerpointSBH
05. 11. 2007
0 views

powerpointSBH

061109 Bio
18. 12. 2007
0 views

061109 Bio

create
03. 10. 2007
0 views

create

produkt11
04. 01. 2008
0 views

produkt11

Slovenia Theory04
03. 01. 2008
0 views

Slovenia Theory04