
2 January 23-26, 2007 Ft. Lauderdale, Florida Deploying SIP on a Global Scale Thom O’Connor Director, Product and Services CommuniGate Systems January 25, 2007

3 VoIP in the News
“We are in the midst of a VoIP communications revolution” - Jeff Pulver
The use of IP PBXs is poised to soar, according to a study by In-Stat that predicts sales of these devices will represent 51% of all PBX sales this year and grow to 91% worldwide by 2009. - Network World, August 2005

4 Long-term Benefits of VoIP
- Sophisticated call management – presence, call forwarding/routing
- Integrated voice, video, file transfer, IM
- (Arguably) communications at lower cost and with richer media (although the cost benefits are in transition and debatable)
- Consolidated identity management
- Granular policy/compliance capabilities
- ENUM for convergence of telephone numbers & IP addresses
- Mobility, access, flexibility

5 Focusing on SIP-initiated VoIP
- VoIP is an ambiguous concept encompassing many protocols including H.323, MGCP, SIP, 3GPP/IMS
- VoIP provides the IP-based transfer of:
  - Audio & Video (multimedia)
  - Instant Messages
  - Client-driven application sharing & whiteboarding
- Session Initiation Protocol (RFC 3261):
  - SIP provides for open and standards-based signaling
  - SIP provides registration, authentication, and discovery - allows two or more clients to locate each other, select a media type & define media sockets using SDP
- RTP used for audio/video payload, and often times directly between end devices

6 Diagram of SIP-initiated VoIP

7 Network Models for IP Communications
1. Service-Provider Model
2. Internet SIP usage with basic SIP Proxies
3. Client-Server SIP model, trusted users only
4. P2P Model
5. Distributed SIP model

8 Service-Provider Model
Advantages
- Easy to implement and use for end users
- Theoretical possibility of security within each provider
- Standardization not required
Disadvantages
- Proprietary, (often) closed networks
- Many non-interop devices
- Relatively few providers, relatively little choice & potential for oligopoly
- Actual security of data and accounts is unknown
- Little/no policy control

9 Internet SIP with basic SIP Proxies
Advantages
- Stateless proxies can achieve high performance, but often not usable or secure
Disadvantages
- Great difficulty in consistent signaling and media establishment with end users, especially those behind firewalls
- Little or no gateway session control (may be most significant for enterprise users)
- NAT traversal problems – STUN/TURN provides some NAT capabilities
- Presence conflicts when more than one end-user agent per user

10 Client-Server SIP model, trusted users only
Advantages
- Tight authentication and REGISTER control
- Little threat of Spam, Caller ID spoofing
- Mostly-secure internal communications
- “Near-end” and “Far-end” NAT traversal capable (if the SIP infrastructure is)
Disadvantages
- Not truly an Internet-wide distributed SIP infrastructure
- All non-local sessions routed through PSTN or other public service providers (IM gateways, etc.)

11 P2P Model
Ref: http://arxiv.org/ftp/cs/papers/0412/0412017.pdf
Advantages
- True IP-to-IP (as well as potentially IP-to-PSTN connectivity)
- Potentially free and unrestricted for IP-to-IP
- Cost
Disadvantages
- Not appropriate for Enterprises with controls on security/privacy
- Implemented today as another closed network
- Skype authentication network would appear to be a single point of failure
- Current implementations are not open standards therefore restricted and unknown security
- Depending on viewpoint… Very difficult to block

12 Distributed SIP Model -> Begins to look a whole lot like email today
Advantages
- True “Internet Communication”
- Sophisticated SIP gateways with session control capabilities
- Reliable media streams
- Server-based presence agents
- Session border control capabilities allow for content scanning, policy control (such as being able to enforce SIPS and SRTP)
Disadvantages
- Predictable addressing leads to same problems of spam
- Depending on your point of view, greater possibility of stream interception at gateway choke points (as compared to P2P)
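
An added example, not part of the presentation and not CommuniGate Pro code, of the gateway policy slide 12 mentions: refusing an INVITE unless it uses SIPS signaling and offers SRTP media. The function names, sample hosts and key string are constructed for illustration, and the SRTP check assumes SDES-style keying (`a=crypto` lines in the SDP).

```python
import re

SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF"}  # secure RTP profiles (RFC 3711 / RFC 5124)

def build_invite(scheme="sips", transport="TLS", profile="RTP/SAVP", crypto=True):
    """Constructed sample INVITE; hosts, addresses and key are placeholders."""
    sdp = ["v=0", "o=alice 1 1 IN IP4 192.0.2.10", "s=-", "c=IN IP4 192.0.2.10",
           "t=0 0", f"m=audio 49170 {profile} 0"]
    if crypto:
        sdp.append("a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-KEY-PLACEHOLDER")
    head = [f"INVITE {scheme}:bob@example.net SIP/2.0",
            f"Via: SIP/2.0/{transport} gw.example.com;branch=z9hG4bK-constructed",
            "Content-Type: application/sdp"]
    return "\r\n".join(head) + "\r\n\r\n" + "\r\n".join(sdp) + "\r\n"

def policy_violations(message):
    """Return the reasons a gateway enforcing SIPS + SRTP would refuse this INVITE."""
    head, _, body = message.partition("\r\n\r\n")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] != "INVITE":
        return ["not a well-formed INVITE request line"]
    problems = []
    if not parts[1].lower().startswith("sips:"):
        problems.append("Request-URI is not a sips: URI")
    # The topmost Via names the transport used by the hop that sent the request.
    via = next((l for l in lines[1:] if re.match(r"(?i)(?:via|v)\s*:", l)), "")
    m = re.match(r"(?i)(?:via|v)\s*:\s*SIP\s*/\s*2\.0\s*/\s*(\w+)", via)
    if not m or m.group(1).upper() != "TLS":
        problems.append("top Via transport is not TLS")
    # Walk the SDP: every active m= section needs an SRTP profile and a key offer.
    sections, current = [], None
    for line in body.splitlines():
        if line.startswith("m="):
            current = {"m": line[2:].split(), "attrs": []}
            sections.append(current)
        elif current is not None and line.startswith("a="):
            current["attrs"].append(line[2:])
    if not sections:
        problems.append("no media description in SDP")
    for s in sections:
        media, port, proto = (s["m"] + ["", "", ""])[:3]
        if port == "0":  # port 0 marks a declined stream, nothing to protect
            continue
        if proto not in SRTP_PROFILES:
            problems.append(f"{media}: profile {proto} is not SRTP")
        elif not any(a.startswith("crypto:") for a in s["attrs"]):
            problems.append(f"{media}: SRTP profile without a=crypto key offer")
    return problems
```

A Via header only describes the hop behind it, so a gateway would also check the transport of the connection the request actually arrived on.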

13 Evolutionary Path for Internet Communications?
- Current IM and “free VoIP” model is similar to that of the PSTN phone network – centralized services providing end-user accounts
- VoIP as a form of Internet Communications is far more powerful – distributed, open, interoperable with many servers/clients
- Ultimately – will look more like email does today?
- Move from IP-to-PSTN/PSTN-to-IP to end-to-end, IP-to-IP
- Trend towards distributed services out towards end-points (domain/DNS-based, maybe true P2P)
- WiFi/WiMAX phones may provide the last mile for end-to-end
- Conclusion: SIP/RTP must be implemented via the standards and architectural best practices to be opened at the gateway points

14 Implications of Distributed VoIP
- Recipients must be given tools to manage accessibility and risks
- Strong requirements for user and domain-level authentication and ultimately, reputation services
- Requirements for relay protections, content filtering, gateway policies, anti-spoofing, lawful intercept
- Protection against DDoS, IP-based restrictions - RBLs, blacklists, whitelists
- User-based rules for protection
- Requirements for HA, clustering, and QOS
- Less reliance/dependence on service providers (acting as oligopolies)
- Policy management through sophisticated SIP gateway controls

15 Challenges of Implementing VoIP/SIP
- SIP protocol still in rolling development
- Many vendors adding non-standard methods that don’t always interop
- QOS and bandwidth issues, lost/out-of-order packets
- Power over Ethernet (PoE) not widespread
- Each SIP end-user device may state its own presence
- “Near-end” and “Far-end” NAT traversal
- Little policy/compliance for end-to-end data transfer
- Scalability & HA of VoIP infrastructure
- Emergency procedures (911)
- Security challenges (data capture, MITM, DDoS, virus?, encryption not commonly used)
- CALEA – capturing end-point data and media (though not necessarily un-encrypted media)

16 Dynamic Cluster with SIP Farm
- Single-address for email, collaboration, and VoIP
- Email traffic can be separated from SIP Farm
- Consolidated Identity management but Frontends are “specialized”
- Protects voice QOS even in event of DDoS or spam

17 Implications of Presence & Availability
- Far more invasive to be receiving voice calls unexpectedly than email/IM
- Requires assurance of identity in order to make presence and availability decisions
- Presence could reveal vulnerabilities, and must be granted granularly and selectively, especially outside the protected environment

18 Total Converged Solution with CGP
- Complete SIP-based infrastructure and applications
- Personalized voice and data services for thousands of domains
- All-Active Dynamic Cluster for 99.999% uptime for Messaging and Real-time traffic
- CGP handles all SBC and NAT traversal functions
CommuniGate Pro

19 Super Cluster
- Cluster of Clusters
- Used for scaling when regions are desired or when limited by storage subsystem
- Capable of sharing mailboxes between Backend clusters

20 CGP is not a Closed System
- The closed-network model for VoIP will inevitably end
- No one ever needs to ask whether their system can send an email to Yahoo
- Insecure for business – relies on outside, often unknown vendors
- Susceptible to cost hikes
- Not based on standards
- Not a true “end-to-end” model for direct connectivity
- Not a real Internet model - based more on the PSTN of the past

21 CGP Embraces Open Standards
- Open, RFC-compliant standards ensure all users can communicate
- The distributed Internet model has been proven with email, and is inevitable with voice
- Businesses are empowered with the ability to define their security and privacy policies
- Service Providers can offer security and encryption as well as perform Lawful Interception
- All users can choose their own choice of client for email, collaboration, and voice and still interoperate with one another

22 EdgeGate Services
- In a Dynamic Cluster, the CommuniGate Pro “Frontend Servers” handle most EdgeGate Services
- In the Core Server, all functions handled on the same server
- Built-in Connection flow control, SPF, Reverse Connect, and Session Border Control
- Third-party plugins provided to complete the anti-spam/anti-virus defense:
  - Mailshell SpamCatcher
  - Cloudmark Authority
  - McAfee VirusScan
  - Sophos Virus Scanner
  - Kaspersky Virus Scanner

23 Massively Scalable Clustering for VoIP
[Diagram; labels include Signaling, Session, Media, Proxy]

24 HP-CommuniGate-Navtel VoIP Benchmark

25 VoIP Benchmark Results - Navtel

26 VoIP Benchmark Results - sipp
