BorderWare’s SIP Security Gateway provides a comprehensive, powerful solution for securing the delivery of real-time communications including VoIP (IP Telephony), Video Conferencing, Instant Messaging and Presence. Enterprises interested in deploying SIP enabled applications must put security measures in place that protect valuable corporate resources from attack while extending the reach of these applications to remote employees, partners and customers. Traditional perimeter-based firewalls do not provide the necessary functionality.
SIPassure is deployed at the network edge or in the DMZ, and manages all inbound and outbound SIP sessions, applying NAT access rules and other policy decisions. SIPassure dynamically manages inbound and outbound SIP requests and routes real-time traffic to the appropriate destination, with full access control and authentication. Advanced security is provided by authenticating all registered users and ensuring that all SIP commands and related data remain secure while ensuring quality of service.
NAT and Firewall Traversal
SIPassure enables NAT and Firewall traversal by providing full inbound and outbound proxying of all SIP and RTP traffic. Each packet is processed by SIPassure to determine network topology and session state information. The packets are transformed as needed to ensure they can traverse Firewalls and NAT devices. Similar processing is applied to both inbound and outbound packets, to provide Near-End and Far-End NAT traversal. This allows organizations to extend the benefits of SIP enabled applications to users no matter where they are located.
Quality of Service
Voice over IP is very sensitive to network performance characteristics such as latency (how long it takes to get a packet from one endpoint to another) and jitter (how that delay varies over time). As SIPassure processes media packets, it applies a configurable Type of Service (ToS) tag to each packet, allowing the rest of the network infrastructure to apply the appropriate prioritization required for high quality voice services. SIPassure supports clustering with centralized management to ensure the system can scale to meet the needs of the most demanding environments.
Application Management
System administrators are provided with an intuitive Web based user interface with centralized cluster management to control and monitor the system. Monitoring features including usage statistics, detailed reports and logs allow administrators to understand how the system is being used and define policies to provide system users with high quality reliable service. Support for management standards such as SNMP and syslog means that SIPassure can be integrated with existing network management tools such as HP Openview, Tivoli, Concord Network Health and more.
Ensured Interoperability
SIPassure is implemented using established industry standards and protocols and is fully RFC-compliant. Interoperability with products from other vendors is verified through continuous in house and third party testing. |
