Response Identity – A Problem!
Rogue SIP Proxy
Phishing and SIP exploit
More Examples RFC 4475
Try for yourself with ‘example’ software tools
NIST Recommendations
NIST Recommendations on securing VoIP
Part 6:防火墙,NAT 和SBC
Overview
Issues to address
Firewalls
What does a Firewall do?
Are Firewalls effective?
NAT or Network Address Translation
What is NAT?
NAT Request
NAT Response
UDP Hole punching
Hairpinning
Multiple NATs
The NAT Problem
Types of NAT
Types of NAT
NAT – Full Cone
NAT – Restricted Cone
NAT – Port Restricted Cone
NAT – Symmetric
The NAPT or (PAT) Problem
Problems with NAT, Firewalls and SIP
解决办法
STUN (Session Traversal Utilities for NAT)
STUN and rport
Problems with ‘Classic’ STUN
TURN (Traversal Using Relays around NAT)
STUN RFC 5389
Interactive Connectivity Establishment (ICE)
ICE ‘In Theory’
Candidate information and other ‘ICE stuff’.
ICE ‘In practice’
ICE tags
ICE-Lite and Trickle-ICE
ICE Client settings
More on ICE
Universal Plug and Play (UPnP)
‘Near end’ NAT
‘Far end’ NAT
GRUU (Globally Routable User Agent)
The RTP Problem
The Firewall Problem
Solving the RTP Problem
Symmetric RTP
Media Proxy
Application Level Gateway
SIP Aware Firewalls -呼入
SIP Aware Firewalls - 呼出
Session Border Controllers
SBC for the Enterprise and SBC for the ITSP
Recommended Session Border Controller features
SBCs in Action!
SBCs and message manipulation / normalization
SIP ‘Refer’ problems
SBC ‘Interop’ example
SBC Manufacturers - examples
From SIP to WebRTC (and back)
Part 7:SIP 中继介绍和业务要求
SIP Trunks
What is a SIP Trunk
Alternative to TDM
Separate Data and Voice connections
Converging the network
SIP Trunks and Codecs
SIP Trunk Benefits
SIP Trunking – In More Depth
SIP Trunk Capabilities
SIP Trunking Network Examples
SIP Peering
Peering problems?
Least Cost routing (LCR)
Disaster Recovery
(责任编辑:李俊勇)