Shoretel Ingate SIParator 19 Overview:
Leveling the playing field for smaller enterprises,
Ingate® Systems offers the Ingate SIParator® 19, a powerful
tool that offers small businesses, branch offices and
home workers complete support for IP communications
based on Session Initiation Protocol (SIP). With the
SIParator 19, these businesses can leverage the same
productivity and cost-savings benefits of Voice over
IP (VoIP) and other IP-based communications as large
corporations. The SIParator works seamlessly with your
existing firewall to allow the flow of the SIP traffic.
While traditional firewalls block SIP traffic – including
mission-critical applications like VoIP – the SIParator
resolves this problem, working in tandem with your current
security solutions. It also solves the Network Address
Translation (NAT) traversal issues inherent in SIP communications,
and offers both far- and near-end NAT traversal to extend
the SIP capabilities within the corporate network to
remote workers.
With Ingate products, enterprises can use VoIP and
other live communications on the LAN and globally over
the Internet or private IP networks.
Ingate SIParator 19
Small and versatile, the Ingate SIParator 19 is perfect
for smaller office environments – with no fan; the SIParator
is virtually silent, which means there’s no need for
a separate server room. The management interface for
the products is the same Web-based Graphical User Interface
(GUI) that has been cited by Ingate customers and the
media for ease-of-use.
Included with the Ingate SIParator
19 are five SIP traversal licenses, allowing up to fi
ve calls to traverse at the same time. Additional traversal
licenses can be purchased at any time.
All Ingate SIParators are fully featured and can
be maintained by the network security administrator
utilizing the GUI. Ingate SIParators include an encrypted
Virtual Private Network (VPN) termination module. The
SIParator 19 can be confi gured as a part of the DMZ
or in a standalone mode. In both cases, the benefits
of SIP-based communications can be added to the network
quickly and easily.
Trusted Network Security for VoIP
The Ingate SIParator SIP Proxy architecture grants
fully secure traversal of the SIP traffic. The ports
for the media streams are only opened between the specific
parties of a call and only for the duration of the call.
The SIP proxy inspects the SIP packets before sending
them on. TLS encryption ensures privacy when communicating,
making call eavesdropping, call hijacking and call spoofing
harder to do. Ingate also supports authentication of
users and servers.
Support for SIP Trunking
More and more Internet Service Providers offer a
SIP trunk - a combined Internet and voice connection.
For enterprises with an IP-PBX this is an ideal cost-saving
solution as they no longer need local PSTN gateways
or costly PRIs/BRIs. However, the SIP traffic, as all
other data traffic, needs to traverse the enterprise
firewall. Ingate SIParator19 handles the firewall and
NAT traversal using the built-in SIP proxy.
Choose the Right Features for Your Network
Ingate offers several other add-on software modules
that allow you to tailor the SIParator 19 to meet the
specific demands of your business. Ingate Quality of
Service (QoS) sets priorities to different kinds of
data and allocates bandwidth for varied purposes – for
instance, giving priority to VoIP.
Ingate Remote SIP Connectivity extends the SIP capabilities
of the enterprise to employees working remotely (home
office workers, road warriors, etc.). Remote SIP Connectivity
manages the traversal of the remote NAT from a central
firewall and also includes a STUN server.
Ingate VoIP Survival adds a whole new dimension to
hosted VoIP service by securing full redundancy in a
SIP-based hosted IP-PBX environment all the way out
to the customer premises.
Ingate Enhanced Security Module provides Intrusion
Detection and Intrusion Prevention for SIP as well as
encryption of the communication.
The SIP Registrar Module allows for making the Ingate
Registrar the primary registration server.
Add Global VoIP Connectivity to your IP-PBX
The SIParator 19 opens up a world of possibilities and
cost savings when used with a SIP based IP-PBX. Businesses
can route telephone calls via IP, not only between branch
offices and home workers, but also to offices and other
users using SIP-based Internet telephony. No longer
limited to telephony voice, communication can also include
video, instant messaging, presence and more.
In addition, the SIParator 19 makes it possible for
home workers, road warriors and even branch offices
to belong the same central IP-PBX - with the highest
level of security. The SIParator also affords the possibility
to set up a private VoIP network, if preferred. Advanced
IP- PBX functions are supported, including such as call
transfer, call hold, and voicemail.
Configuration:
Configuration
1: DMZ
The connects to the existing firewall through the DMZ
interface. All traffic will pass through the existing
firewall. This configuration requires that a static
range of UDP and TCP ports are opened between the Internet
and the SIParator and between the SIParator and the
LAN. SIP clients on the LAN need to have the SIParator
defined as their outgoing proxy or be referred to it
via DNS. The firewall continues to control security,
but SIP traffic is routed to the LAN only through the
SIParator.
Configuration 2: DMZ/LAN
The Ingate SIParator connects to the DMZ of the existing
firewall and to the LAN. This means that SIP traffic
and media streams only have to pass through the existing
firewall once (or not at all for all calls inside the
office). A static range of UDP and TCP ports needs to
be opened in the firewall between the Internet and the
SIParator. SIP clients on the LAN need to have the SIParator
defined as their outgoing proxy or be referred to it
via DNS.
Configuration 3: Standalone
The SIParator connects to both the LAN and the Internet,
operating entirely in parallel with the existing firewall.
The SIParator will only handle SIP signaling and media
streams; everything else will pass through existing
firewall. This setup has no requirements for the existing
firewall and requires no configuration changes. SIP
clients on the LAN need to have the SIParator defined
as their outgoing proxy or be referred to it via DNS.
Shoretel
Ingate SIParator 19
