1 / 16

Polycom Conference Firewall Solutions

Polycom Conference Firewall Solutions. The use of Video Conferencing Is Rapidly Growing. More and More people are adopting IP conferencing Audio and Video is improving drastically, making it easy to conference over the internet

brie
Télécharger la présentation

Polycom Conference Firewall Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Polycom Conference Firewall Solutions

  2. The use of Video Conferencing Is Rapidly Growing • More and More people are adopting IP conferencing • Audio and Video is improving drastically, making it easy to conference over the internet • Increasing need to scale, manage, and deploy all while maintaining a secure environment • The goal is to connect Anywhere, Anytime, without boundaries

  3. Continued questions in conferencing today … • Who can I call? • How do I call? • Is there a firewall involved? • What kind of endpoints do I have?

  4. Video over IP Deployment Challenges • Existing networking infrastructure is not “media-aware” • Firewalls block Media (Video/Audio) calls • Network Address Translation (NAT) breaks addressing • Video/Audio and data traffic on shared WAN pipes degrades voice and video quality • User Concerns • Dialing concerns • How do I call them? What should I dial? • Do I have to register with them? • Why can’t they call me? • Designing around the above problems is difficult and expensive with legacy CPE hardware

  5. How do you fix the problem? • NAT Avoidance • Uses techniques to avoid a firewall / NAT • May require additional CPE • NAT Traversal • Video calls traverse the firewall / NAT • Multiple methods available

  6. Public IP PROXY Public – Private IP TUNNELS Virtual Private Networks (VPN) One approach – Avoid the NAT problem

  7. Firewall Traversal Solutions • Application Layer Gateway (ALG) • Enables a firewall to become media aware without compromising security • H.460 Based Traversal • ITU defined NAT/FW traversal method • Works with legacy firewalls

  8. Application Layer Gateway (ALG) • Resolves Network Address Translations issues • Media and protocol aware • Preserves all features (Encryption/Content Sharing) • Uses Stateful Packet Inspection • Dynamically opens and closes ports • Provides topology hiding to protect the H.323 Components (endpoints, bridges, gatekeepers) and data devices

  9. Application Layer Gateway (ALG) • ALG Pros • Security (intrinsic Firewall) • Dynamic Port utilization for call duration • Scalable - Enables Shortest Path Media Routing • Less costly – no extra bandwidth • Ideal for “fixed” video installations • Video endpoint registration not mandatory • Flexible dialing • ALG Cons • Not practical for mobile work force

  10. H.460 – Traversal of H.323 across NATs and Firewalls • H.460 ITU Standard • Extension to H.323 • Developed by Polycom, Radvision, Tandberg • Approved August 2005 • H.460 enables H.323 signalling and media to traverse NAT/FW installations • Utilizes a Traversal Server (TS) at a central location • Requires H.460 aware endpoints to register with Traversal Server • All VSX systems are H.460 aware with VSX Release 8.5!

  11. H.460 – Traversal Server • H.460 Pros • Allows for IP calling with legacy firewalls • IP and Port issues resolved at Traversal Server • Simplistic for registered H.460 endpoints • Ideal for mobile users (road warriors / hot spots / home users) • H.460 Cons • Extra bandwidth may be needed at Traversal Server location • Requires endpoints to register with the Traversal Server • Scalability - all traffic routed through the host location (signaling and media) • Less Secure (Traversal Server may not be a Firewall)

  12. Choosing The Right Solution • ISDN gateway • More expensive • ISDN not available everywhere • H.323 aware firewall • Restricts the feature set – encryption • Not ISP friendly • VPN • Exposure risk for Home Offices • Not used for enterprise-to-enterprise communication • Put all video systems on public IP addresses • Vulnerable to attack • Limited availability of public IP addresses • Not scalable

  13. Introducing the Polycom V2IU • Simplifies - Inter-company video conferencing • Resolves - NAT/Firewall traversal problems for Video over IP • Protects - Video and Voice devices with an application aware firewall • Flexible –Can be deployed as an ALG or Traversal Server (H.460) 6400 Series 85 Meg Base MSRP - $42,800 5300 Series 10 Meg or 25 Meg Base MSRP - $7,199 4300 3 Meg Base MSRP - $1,999 • V2IU Product Family – “Voice and Video Interface Unit”

  14. V2IU Key Features And Benefits With VSX Release 8.5, all VSX solutions are H.460 compliant!

  15. Complete PolycomSolution

  16. Thanks !Questions?

More Related