Peer-to-Peer Solutions Between Service Providers David A. Bryan CTO, Jasomi Networks October 10, 2002 – Fall VON, Atlanta, GA.

Slides:

Advertisements

Similar presentations

The leader in session border control for trusted, first class interactive communications.

Advertisements

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

IUT– Network Security Course 1 Network Security Firewalls.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

Karl Stahl CEO/CTO Ingate Systems Ingate’s SBCs do more than POTSoIP SIP. They were developed.

Enabling SIP to the Enterprise Steve Johnson, Ingate Systems Security: How SIP Improves Telephony.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,

A Guide to major network components

Enterprise Infrastructure Solutions for SIP Trunking

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Deployment of the VoIP Servers BY: Syed khaja Najmuddin Ahmed Anil Kumar Marikukala.

Virtual Private Network

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

Ingate & Dialogic Technical Presentation SIP Trunking Focused.

PART 2: Product Line. Tenor Switches & Gateways Tenor AX Series Solution For Medium to Large Enterprises  Available in 8, 16, 24 and 48 port Available.

Service Oriented VoIP (SOVoIP): True Convergence of Data and Voice Networks Presented By Mohammed Jubaer Arif Supervisors Dr Shanika Karunasekera and Dr.

VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.

 Introduction  VoIP  P2P Systems  Skype  SIP  Skype - SIP Similarities and Differences  Conclusion.

Fall VON - September 28, 1999 C O N N E C T I N G T H E W O R L D W I T H A P P L I C A T I O N S SIP - Ready to Deploy Jim Nelson,

1 © 2002, Cisco Systems, Inc. All rights reserved. H.323 Voice Market H.323-Forum, November 2002, New York, USA H.323 Voice Market Haluk Keskiner Cisco.

Presented by Xiaoyu Qin Virtualized Access Control & Firewall Virtualization.

June 2006 Roles of Session Border Controllers in IMS Networks CANTO - June 2006.

Peering & Routing Designs Using Session Controllers & Media Gateways James Rafferty Voice Peering Forum March 8, 2007.

Session border controllers

FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.

Quintum Confidential and Proprietary 1 Quintum Technologies, Inc. Session Border Controller and VoIP Devices Behind Firewalls Tim Thornton, CTO.

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 OSI Transport Layer Network Fundamentals – Chapter 4.

Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine

Sridhar Ramachandran Chief Technology Officer Core Session Controller.

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

The State of VoIP Peering Charles Studt Director of Product Management, VoEX.

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.

A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.

9: Troubleshooting Your Network

VoIP enabling legacy products David Duffett, Aculab.

1 What’s Next For SIP Trunking? Carriers Enabling and Bringing WebRTC Features With Their Trunks © 2015 Ingate Systems AB Prepared for:Ingate SIP Trunking,

NETWORKING FUNDAMENTALS. Network+ Guide to Networks, 4e2.

Implications of Trust Relationships for NSIS Signaling (draft-tschofenig-nsis-casp-midcom.txt) Authors: Hannes Tschofenig Henning Schulzrinne.

ITU Workshop on “Voice and Video Services Interoperability Over Fixed-Mobile Hybrid Environments, Including IMT-Advanced (LTE)" ” Geneva, Switzerland,

To Rent or Buy the IP PBX? Maybe it’s Both…. Building a VoIP Solution That Enables Both.

Networking Components Assignment 3 Corbin Watkins.

“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Defining Network Infrastructure and Network Security Lesson 8.

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

I. Basic Network Concepts

Enterprise Infrastructure Solutions for SIP Trunking

Protecting Yourself in a WebRTC World

Helping to Achieve ROI Targets with SIP Trunking

Ingate & Dialogic Technical Presentation

TDR authentication requirements

Presentation transcript:

Peer-to-Peer Solutions Between Service Providers David A. Bryan CTO, Jasomi Networks October 10, 2002 – Fall VON, Atlanta, GA

Why Peer? Cost Savings –Lower completion costs –Less new equipment Extend Reach –New geographical regions –Regulatory issues Opportunities to Partner –Each may have good local client base/grasp of local market

How Can Companies Peer? 3 ways to do this –Use the PSTN Includes Back-to-Back gateways Lots of problems (cost, loss of signal, etc.) –Open connections direct to each other Issue with firewalls/NATs Often Peers are potential competitors – don’t want to leak information –Use some sort of purpose-built device IP-to-IP Gateways VoIP aware firewalls

Specific Devices : VoIP Enabled Firewall Carrier A Carrier B Fire wall corrects the signaling, and can open and close ports to allow the media to pass In many scenarios, the firewall is controlled by a Firewall Control Proxy Both carriers may have similar deployments of firewall and proxy.

Specific Devices : IP-to-IP Gateway Carrier A Carrier B Both carriers may have similar deployments of IP-to-IP Gateway. IP-to-IP gateway between carriers. Each side is a new call. Generally, doesn’t use a control proxy. Proxy terminates calls at the device just like any other gateway. (May be in DMZ using existing firewall) 

Issues with Peering NAT/Firewall traversal Anonymization Billing Authentication Legal Intercept QoS Matching Network mismatches Protocol translation Media codec translation Network Security Fraud detection/prevention Demarcation Point

NAT/Firewall Traversal Carriers still want to be able to connect with firewalls Carriers may be on separate IP spaces Need to be able to interoperate Carrier A Carrier B

Anonymization Carriers may want (or be legally obliged) to hide identity of the user who originated the call, but still need to track it internally Carrier A Carrier B Incoming call is “anonymous”, but still has traceable information (i.e., IP address) When delivered to Carrier B, identifying information may need to be stripped

Billing Billing is often generated at Gateways, but gateway is in terminating carrier’s space. Carrier A Carrier B Billing is generated here, but Carrier A would like own billing records PSTN

Legal Intercept Again, intercept is often done at the PSTN connection, but Carrier A may be legally required to provide intercept. Carrier A Carrier B PSTN ? Boundary may be only place in network where media and signaling both flow.

Authentication Need to be able to verify that users are authorized to use service, and possibly check before call for prepaid. This might need to happen on both sides. Carrier A Carrier B ? AuthSrv Ok to Call?

QoS Matching Different providers may use different marking schemes for QoS, and these need to be translated Carrier A Carrier B ?

Conversions Network Mismatches –IPv4/IPv6, particularly between countries and as time moves on –Different Network designs (transport, physical media, etc.) Protocol Conversion –H.323 to SIP translation –Various “flavors” Media Codec Translation –Need to translate to compatible, but minimize total number (particularly with wireless)

Network Security Want to hide information about your network –Who do you terminate with? –How many proxies or switches in the network? –What nodes were visited on this call? –Network topology Want to ensure no “bad” traffic from remote network –Prevent malformed requests that could crash servers –Prevent malicious requests designed to disrupt service, intercept traffic, or steal service –Detect incompatible devices sending information to your network and squash

Fraud Detection/Prevention Need to detect fraudulent uses, like multiplexing multiple calls over a single billable call Carrier A Carrier B 1 Bill is generated for only one call 3 Users are making three calls

Demarcation Point Useful for trouble shooting –Able to prove that flow is “good” up to the edge of the network Generate statistics and metrics Leg to stand on when problems arise

Jasomi’s Product Line Enterprise-to-Carrier and Carrier-to-Carrier Solutions Jasomi - The Network Boundary Experts Visit us in Booth 234