Lower recurring costs from the carrier

ShoreTel CONFIDENTIAL(c) ShoreTel, Inc. 2007 -- ALL RIGHTS RESERVED

Enterprise Pure IPTelephony Solutions

SIP trunk Problems & SolutionsShoreTel & INGATE Siparator

Jerome Joanny Sr Product Manager - ShoreTel

ShoreTel CONFIDENTIAL (c) ShoreTel, Inc. 2007 -- ALL RIGHTS RESERVED

• Lower recurring costs from the carrier• Flexible calling plans – bundled minutes, no long distance

charges• More feature offering – virtual numbers• Deployment flexibility

– Incremental provisioning vs. block provisioning– Self serve portals – buy services without meeting your rep– Quicker increments – no waiting for a truck roll

• Dual use of data pipe, voice and data

Company A

SIP Trunk - What are the advantages?

IP CloudCallsData


SIP trunking problems

• NAT traversal for SIP– NAT resides at L3/L4 – SIP at L7– NAT processing “breaks” SIP addressing

• Network & SIP Communication security– Physical medium is the IP pipe – Firewalls control what goes in or out such pipe

• SIP Protocol Normalization & translation– Not all SIP are created equal … and compatible– Open Standard …open to interpretations


The ‘NAT’ and SIP Story

• The Details of port and private IP address are encapsulated in the SIP header message

• Application Layer messages contain information that isn’t relevant outside of the enterprise network

Company A

Client B

Client Y

IP 192.168.1.57

Public IP 64.72.1.31



SIP HeaderInvite From: 192.168.1.To: 65.73.1.34:5060

Client A

IP 192.168.1.55

?SIP HeaderInvite From: 192.168.1.To: 65.73.1.34:5060


Network & SIP security issues

Carrier SIPTrunk Cloud

Company A

Company B

Firewall

• SIP trunks use IP infrastructure• IP networks are ‘protected domains’ connected by untrusted

‘public’ connections.• Reliable method is required that allows communication

between domains protected by Firewalls

FirewallOuch! Ouch!

Firewalls block the prime function of a trunk – Allow

systems from different enterprises connect


Call-ID: X

PSTN Gwy

Service Provider

PSTN

The SIP Normalization situation

IP 168.203.30.11

603-883-6569 972-678-0464

ALG

John

603-883-6580

Jane

Bob

Call-ID: X

Hi John !May I speakwith Jane ?

Sure! I will transfer you to Jane

?

REFER?603-883-6580@

shoretel.comWhat's that?

(Jane)

ShoreTel

‘REFER’ to Jane


ShoreTel & Ingate : delivering a solution that Works !

• Solve SIP firewall and NAT traversal issues with a consistent solution

– NAT traversal problems are the source of 90% initial setup issues • Ensure customers can keep total ownership of network security

when SIP is introduced• Provide SIP normalization if/when required

• Provide partners and customers validated ‘end to end’ multi-vendor solutions in the SIP ‘plug and pray’ era


603-883-6569

INGATE Siparator addressing the NAT issue

Firewall

PSTN Gwy

Service Provider

PSTN

IP 10.200.10.16

IP 168.203.30.11

972-678-0464

ShoreTel

IP 168.105.45.19

To:972-678-0464@ IP 168.105.45.19From: 603-883-6569 @10.200.10.16

To/URI:972-678-0464@ IP 168.105.45.19

From: 603-883-6569 @10.200.10.16

IP 168.203.30.11

[email protected]

For calls to route successfully internal IP addresses have to bere-written

The SBC handles the Network Address Translation (NAT)

Address re-write


972-678-0464

ITSPs can’t reach the IPBX in the LAN

Firewall

PSTN Gwy

Service Provider

PSTN

IP 10.200.10.16

IP 168.203.30.11

603-883-6569

ShoreTel

IP 168.105.45.19

From:972-678-0464@ IP 168.203.30.11To:[email protected]

Address re-write

To/URI:[email protected] 10.200.10.16

For calls to route successfully IP addresses have to be re-written

The SBC again handles the Network Address Translation (NAT)

Service Provider can only address the known public IP-address of the Enterprise


No Need to Replace the Existing Firewall!

Siparator

How does the Siparator help?

DMZ

SIP-enables any firewall

It works with existing firewallsDynamically manages ports need for SIP: -SIP Signaling port 5060 -Range of UDP/TCP ports

Provides a B2BUA & SIP Proxy

Normal Firewalls

SIP


B2BUA handles the “REFER” SIP method locally and a new media stream is set up to Jane

Call-ID: X

PSTN Gwy

Service Provider

PSTN

The ITSP SIP transfer problem

SBC with B2BUA

IP 168.203.30.11DMZ

603-883-6569 972-678-0464

ALG

John

603-883-6580

Jane

Bob

Call-ID: X

Hi John !May I speakwith Jane ?

Sure! I will transfer you to Jane

*) The REFER SIP method

?

ShoreTel

Re-INVITE

Call-ID: Y

ITSP sees a RE-INVITE with the same Call ID

REFER to Jane


ShoreTel’s philosophy on integration

• Provide partners and customers with validated ‘end to end’ multi-vendor solutions in the SIP ‘plug and pray’ era

– Making it all work together can be as complex as solving a third order differential equation

– Allow partners to work with ‘known entities’

• Solve SIP firewall and NAT traversal issues with a consistent solution

– Allow support to be clear on the components of the solution and isolate problems easily


Summary

• SIP trunking works

• The ‘solution’ is about more than just connectivity

• There are many flavors of SIP out there

– Be sure you only use those validated as working together


Backup


15

SIP Trunks Misconceptions

• They must be the same as it says ‘trunk’• They are IP so they require less HW • They are cheaper – really? – Depends on what your counting• You can just connect directly – Security? – What’s that?

Company A

Carrier SIP Trunk Cloud

SIP Trunk

Call 408 348 8545


16

Template page

• Single image system with best in class

Carrier SIPTrunk Cloud

Company A

Company B


• Each device has its own private IP address.

Company A

Client B

Client A

Client X

Client Y

IP 192.168.1.55

IP 192.168.1.56

IP 192.168.1.57

IP 192.168.1.1



Public IP 65.73.1.33From: 64.72.1.31:2000

To: 65.73.1.33:80

Documents

Lower recurring costs from the carrier