Firewalls perform three very important, crytical functions in relation to SIP.
We discussed what Network Address Translation (NAT) is, its purpose on the network and why this is a problem when adopting SIP in the enterprise. In this issue, we will look at how Ingate SIP-capable security products solve the issues with NAT and do so while maintaining security.
Firewalls perform three very important functions. These functions are critical for any SIP implementation – including SIP trunking — and may provide other benefits as well depending on the construction of the network and the service that the business wishes to employ. The following are the most important of these functions:
- The firewall resolves NAT traversal issues and enables the adoption of SIP and SIP trunking by securely permitting SIP signaling and related media to traverse the firewall. Without this function, most companies will have one-way audio only.
- The Ingate products also normalize the SIP Traffic so that the IP-PBX at the customer site, and the service provider’s network are fully compatible. While SIP is a standard, each implementation can be slightly different, and the service providers may each require a different level of authentication from the business. With thefirewall in place, these requirements can be met.
- Security becomes important with the introduction of SIP trunking and other SIP services because as a server, the IP-PBX is subject to the same types of threats as any other server on the enterprise network. So the properly architected network will include a firewall device to assure that only authorized users are allowed to send and/or receive phone calls using the service, and that no malicious attacks are launched which could render the IP-PBX inoperable.