VoIP Firewall

1. VoIP's firewall challenges
   One of the interesting nuggets from SuperComm 2002 was the lip service that large service providers are giving voice over IP. Under pressure from direct enterprise sales of VoIP platforms to their best customers, BellSouth and others are now offering or planning to offer managed VoIP services from platforms such as Cisco's AVVID equipment. Providers need to keep an eye out for pesky implementation problems that early adopters have discovered. One such issue is the treatment of VoIP in a secure enterprise environment. At the crux of the problem is the basic enterprise firewall. VoIP problems occur on phone calls that originate in the outside world - a big problem when waiting for someone to call you back .
                                                
2. NATAcces VoIP Firewall Technology
   This unique technology in the company’s Tenor VoIP MultiPath Switches that allows VoIP implementers to keep their VoIP gateways behind NATs and NAT-enabled firewalls. NATAccess performs network address translation within packet payloads during the call set-up process. By providing the outside party's router with the appropriate public IP addresses for internal users, NATAccess allows authorized streaming VoIP traffic–and only authorized traffic–to pass through the firewall. 
                     
3. VoIP Traffic with the PIX Firewall
   In this sample configuration, a PIX Firewall is configured in order to allow the traversal of two different Voice over IP  protocols-H.323, and Session Initiation Protocol (SIP). Due to the fact that VoIP protocols are made up of signaling and IP address/port combinations, there are a number of issues with VoIP and Network Address Translations (NAT). The PIX Firewall fixup protocol addresses these issues. 
                  
4. Firewall-Friendly VoIP Secure Gateway
   IP telephony services using Voice over Internet Protocol (VoIP) technologies have rapidly spread over the last several years. Many IP telephony services have recently been started: for example, consumer IP telephony services provided by legacy telephone carriers, IP-PBX (Private Branch eXchange) services provided by enterprises, and IP telephony outsourcing services for enterprises (IP Centrex services) provided by ISPs carriers. In the case of IP-Centrex services, ISPs/carriers provide not only IP-Centrex services but also consumer IP telephony services, so ISPs/carriers can provide secure interoperation between an enterprise IP phone and a consumer IP phone. However, apart from IP-Centrex services, IP-PBX services cannot interoperate with consumer IP telephony services.
                       
5. VoIP SIP Firewall
   The challenge Session Initiation Protocol (SIP) has evolved to become the new secured multimedia communications standard for real-time person-to-person IP communications as defined by the Internet Engineering Task Force (IETF). SIP enables users to communicate with each other in real-time on a standards-based protocol resulting in secure, reliable, predictable, and standards-compliant connectivity. The VoIP SIP is used in a range of applications including:-
   * VoIP (Voice Over IP) 
   * Video Conferencing 
   * Instant Messaging 
   * Online Gaming 
   * Unified Messaging and much more. 
                                      
6. VoIP Broadband Firewall Router
   This VoIP (802.11g) Firewall Router packs many powerful features into a single box to allow home and SOHO users to enjoy affordable VoIP calls, while having the mobility and high-speed Internet access. The world-standard Gateway feature known as “Least Cost Routing” enables users to choose the best VoIP call rates provided by various Internet Telephony Service Providers (ITSPs). Two integrated FXS ports provide dual lines for making VoIP calls. An additional FXO port enables you to make calls via PSTN Fixed-line while providing even faster Internet access sharing. Unparalleled firewall security features such as SPI, DoS attack prevention, and URL Content Filtering protect your Internet access against attacks by hackers. In addition, the Quality of Service feature ensures a smooth net connection for inbound and outbound data with minimal traffic congestion.