logging in or signing up burkett sura Cinderella Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 212 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 04, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide1: Calling Across The Boundaries Mike Burkett, VP Products mburkett@ridgewaysystems.com April 25, 2002Why should you care about NATs and Firewalls?: Why should you care about NATs and Firewalls? Network Address Translation (NAT) and Firewalls will block your IP voice and video calls.What is NAT?: What is NAT? Network Address Translation Allows multiple users/devices to share a single public internet address Implemented within the router Think of it like a PBX with a public trunk number and private extensions for IP networks Shared Public Address 64.121.30.1What is a Firewall?: What is a Firewall? Separates and “Protects” the Private Network from the outside world. Examines every packet that goes in to or out from the enterprise. Typically blocks all unsolicited inbound packets Think of a mail room clerk filtering your inbound and outbound mail Outside World Private Network Unsolicited DisallowedWhy H.323 & SIP Don’t Work…: Why H.323 & SIP Don’t Work… With firewalls Require inbound connections for inbound calls Each call requires multiple TCP and UDP connections to random ports With NATs Private addresses hidden from the outside network – means no inbound calling Outbound calling endpoints request media sent to their private address – means one way video/audioThe Imaginary IP World: The Imaginary IP World No Firewalls No NAT No Security All public IP Addresses All Calls Successful Not the real world! Bob 64.123.31.15 Susan 34.58.15.21 Tom 216.115.109.7 Branch Office 208.45.133.21 Teleworker 24.30.203.101 Corporate 207.46.230.5Today’s Real IP Video World: Today’s Real IP Video World WAN WAN Bob 10.2.1.5 Susan 192.168.0.107 Tom 192.168.0.108 Teleworker 10.100.5.4 Corporate 10.1.1.25 Branch Office 172.16.31.13 Firewall/NAT at the edge of the corporate network NAT or Firewall hidden in the networkFirewalls & NAT: Where?: Firewalls & NAT: Where? Deployed Everywhere: Corporate Networks Home Networks Individual PCs And Hidden In the Net Anywhere someone wants to Share a connection Protect a network WANWhat choices do you have?: What choices do you have? Bypass Public Endpoints Private Network Gateway MCU Replace Upgrade Hardware Infrastructure Traverse Use Ridgeway SoftwareBypass: Public Endpoints: Bypass: Public Endpoints How Give the endpoints public IP addresses Move them outside the firewall Benefits May be lowest capital cost? Issues Requires Dedicated Public IP Addresses Removes Protection of Firewall Not easily scalable Cannot overcome network based NAT/FW WANBypass: Private Network: Bypass: Private Network How Establish Virtual Private Network (VPN), usually via Firewall configuration Benefits Works for Intra-Company communications May already be in place Issues Not for inter-enterprise communications Requires configuration at every location May have performance impacts – increased delay Some VPNs won’t handle NAT WANBypass: PSTN/ISDN Gateway: Bypass: PSTN/ISDN Gateway How Gateway to PSTN or ISDN at edge of network Benefits May already be in place for calling “off-net” Issues Loses benefits of the pure IP solution Doesn’t solve problem for the mobile IP endpoint IP WAN PSTN/ ISDNBypass: MCU: Bypass: MCU How Deploy MCU with two network interfaces, one inside & one outside of firewall/NAT Benefits Natural extension for existing MCU deployments Issues Can be expensive solution; not appropriate for SOHO or consumer deployment Localized solution, needs to be deployed at every NAT/FW Cannot overcome network based NAT/FW WANReplace: Upgrade Infrastructure: Replace: Upgrade Infrastructure How Upgrade firewalls and routers with Application Level Gateway (ALG) Benefits Brand name solutions? Issues This means changes to mission critical network components for the enterprise network Fix every NAT & Firewall for every protocol Unreachable: Physically, Politically, or Intellectually? Cannot overcome network based NAT/FW WANTraverse: Ridgeway: Host Network Guest Network Guest Network DMZ Proxy/Registrar/GK WAN Traverse: Ridgeway How Place single server at “reachable address” Download software client for any “guest network” Benefits No upgrade for existing mission critical components Handles any number of NATs & Firewalls, even network based Handles SIP or H.323 Compatible with your existing infrastructure Voice and Video Mobile solution Download-and-Call means no waiting to call into a new location The Ridgeway Method: The Ridgeway Method Ridgeway (RW) Clients connect to the RW Server Outbound Fixed ports: 2776/2777 RW Server/Clients “proxy” the GK so it appears at the RW Client Endpoints set RW Client as their GK and register and then appear as a ports on the RW Server Behind the scenes: All TCP traffic goes over the pre-established TCP connection As UDP streams are needed the RW client pushes a stream out to the server that the server can use for return traffic (outbound, fixed ports) From endpoint perspective, calls proceed as usual Host Network Guest Network DMZ Proxy/Registrar/GK WAN Ridgeway Client IP Freedom Server Ridgeway ClientMore On Ridgeway Traversal: More On Ridgeway Traversal Commercially deployed today in both enterprise and service provider environments One server for multiple endpoints & networks No upgrade to existing NAT/FW or endpoints No open inbound firewall ports No charge for client Upgrade server capacity instantly Add-on for VPN & PSTN gateway solutionsSummary: Summary Firewalls & NATs are everywhere Firewalls & NATs block IP Voice & Video Solution Choices: Bypass, Replace, Traverse Traversal: Don’t mess with your critical components Treat the network like a black box Download and call today! Free trial www.ridgewaysystems.com http://www.vide.net/vpz/firewalls.html You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
burkett sura Cinderella Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 212 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 04, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide1: Calling Across The Boundaries Mike Burkett, VP Products mburkett@ridgewaysystems.com April 25, 2002Why should you care about NATs and Firewalls?: Why should you care about NATs and Firewalls? Network Address Translation (NAT) and Firewalls will block your IP voice and video calls.What is NAT?: What is NAT? Network Address Translation Allows multiple users/devices to share a single public internet address Implemented within the router Think of it like a PBX with a public trunk number and private extensions for IP networks Shared Public Address 64.121.30.1What is a Firewall?: What is a Firewall? Separates and “Protects” the Private Network from the outside world. Examines every packet that goes in to or out from the enterprise. Typically blocks all unsolicited inbound packets Think of a mail room clerk filtering your inbound and outbound mail Outside World Private Network Unsolicited DisallowedWhy H.323 & SIP Don’t Work…: Why H.323 & SIP Don’t Work… With firewalls Require inbound connections for inbound calls Each call requires multiple TCP and UDP connections to random ports With NATs Private addresses hidden from the outside network – means no inbound calling Outbound calling endpoints request media sent to their private address – means one way video/audioThe Imaginary IP World: The Imaginary IP World No Firewalls No NAT No Security All public IP Addresses All Calls Successful Not the real world! Bob 64.123.31.15 Susan 34.58.15.21 Tom 216.115.109.7 Branch Office 208.45.133.21 Teleworker 24.30.203.101 Corporate 207.46.230.5Today’s Real IP Video World: Today’s Real IP Video World WAN WAN Bob 10.2.1.5 Susan 192.168.0.107 Tom 192.168.0.108 Teleworker 10.100.5.4 Corporate 10.1.1.25 Branch Office 172.16.31.13 Firewall/NAT at the edge of the corporate network NAT or Firewall hidden in the networkFirewalls & NAT: Where?: Firewalls & NAT: Where? Deployed Everywhere: Corporate Networks Home Networks Individual PCs And Hidden In the Net Anywhere someone wants to Share a connection Protect a network WANWhat choices do you have?: What choices do you have? Bypass Public Endpoints Private Network Gateway MCU Replace Upgrade Hardware Infrastructure Traverse Use Ridgeway SoftwareBypass: Public Endpoints: Bypass: Public Endpoints How Give the endpoints public IP addresses Move them outside the firewall Benefits May be lowest capital cost? Issues Requires Dedicated Public IP Addresses Removes Protection of Firewall Not easily scalable Cannot overcome network based NAT/FW WANBypass: Private Network: Bypass: Private Network How Establish Virtual Private Network (VPN), usually via Firewall configuration Benefits Works for Intra-Company communications May already be in place Issues Not for inter-enterprise communications Requires configuration at every location May have performance impacts – increased delay Some VPNs won’t handle NAT WANBypass: PSTN/ISDN Gateway: Bypass: PSTN/ISDN Gateway How Gateway to PSTN or ISDN at edge of network Benefits May already be in place for calling “off-net” Issues Loses benefits of the pure IP solution Doesn’t solve problem for the mobile IP endpoint IP WAN PSTN/ ISDNBypass: MCU: Bypass: MCU How Deploy MCU with two network interfaces, one inside & one outside of firewall/NAT Benefits Natural extension for existing MCU deployments Issues Can be expensive solution; not appropriate for SOHO or consumer deployment Localized solution, needs to be deployed at every NAT/FW Cannot overcome network based NAT/FW WANReplace: Upgrade Infrastructure: Replace: Upgrade Infrastructure How Upgrade firewalls and routers with Application Level Gateway (ALG) Benefits Brand name solutions? Issues This means changes to mission critical network components for the enterprise network Fix every NAT & Firewall for every protocol Unreachable: Physically, Politically, or Intellectually? Cannot overcome network based NAT/FW WANTraverse: Ridgeway: Host Network Guest Network Guest Network DMZ Proxy/Registrar/GK WAN Traverse: Ridgeway How Place single server at “reachable address” Download software client for any “guest network” Benefits No upgrade for existing mission critical components Handles any number of NATs & Firewalls, even network based Handles SIP or H.323 Compatible with your existing infrastructure Voice and Video Mobile solution Download-and-Call means no waiting to call into a new location The Ridgeway Method: The Ridgeway Method Ridgeway (RW) Clients connect to the RW Server Outbound Fixed ports: 2776/2777 RW Server/Clients “proxy” the GK so it appears at the RW Client Endpoints set RW Client as their GK and register and then appear as a ports on the RW Server Behind the scenes: All TCP traffic goes over the pre-established TCP connection As UDP streams are needed the RW client pushes a stream out to the server that the server can use for return traffic (outbound, fixed ports) From endpoint perspective, calls proceed as usual Host Network Guest Network DMZ Proxy/Registrar/GK WAN Ridgeway Client IP Freedom Server Ridgeway ClientMore On Ridgeway Traversal: More On Ridgeway Traversal Commercially deployed today in both enterprise and service provider environments One server for multiple endpoints & networks No upgrade to existing NAT/FW or endpoints No open inbound firewall ports No charge for client Upgrade server capacity instantly Add-on for VPN & PSTN gateway solutionsSummary: Summary Firewalls & NATs are everywhere Firewalls & NATs block IP Voice & Video Solution Choices: Bypass, Replace, Traverse Traversal: Don’t mess with your critical components Treat the network like a black box Download and call today! Free trial www.ridgewaysystems.com http://www.vide.net/vpz/firewalls.html