“SIP用例”的版本间的差异

来自最权威最新完整开源SIP,语音通信,融合通信中文技术文档资料,提供详细的Asterisk Freepbx, FreeSBC, 免费会话边界控制器,网关,语音板卡,IPPBX,SBC配置资料-asterisk,freepbx,freesbc 用户手册 界面配置,呼叫路由,IVR, 网关对接,拨号规则,SIP 分机呼叫,pjsip, IVR, 录音, CDR, 队列呼叫,振铃组,CLI 命令中文资料手册
跳转至: 导航搜索
(创建页面,内容为“'''SBC usecase overview''' * [ Why SBC] ** [ Real Time IP Communications are Complex] ** [ Security and Fraud] ** [ Standard Firewalls are not enough] * [ Ent...”)
 
第1行: 第1行:
'''SBC usecase overview'''
+
'''SBC 用例介绍'''
  
* [ Why SBC]
+
Sangoma SBC 作为一个介于两个网络之间的接口:
** [ Real Time IP Communications are Complex]
+
** [ Security and Fraud]
+
** [ Standard Firewalls are not enough]
+
* [ Enterprise Security Threats]
+
** [ Denial of Services]
+
** [ Theft of service / Fraud]
+
** [ BYOD]
+
* [ Firewall is not enough]
+
  
 
+
* 解决防火墙和NAT问题
 +
* 规范和修复SIP消息
 +
* 通过运营商使用SIP中继注册
 +
* 网络拓扑隐藏
 +
* 提供对SIP和Voice(TLS,SRTP)安全保护
 +
* 编码转换
 +
http://wiki.freepbx.org/download/attachments/49578352/sbc-overview%5B1%5D.png
  
  
 +
'''为什么使用SBC'''
  
 
+
'''实时IP通信越来越复杂'''
  
Sangoma SBC acts as the interface between 2 SIP networks:
+
* SIP会话从内网或者外网发起,可能有NAT问题。
 
+
* QOS 是非常必要的
* Solve firewall and NAT issues
+
* 厂家之间的兼容性问题需要解决
* Normalize and fix SIP messaging
+
* Register with SIPtrunking provider
+
* Hide Network Topology
+
* Secure SIP and Voice (TLS, SRTP)
+
* Codec Conversion (Transcoding)
+
 
+
 
+
 
+
'''Why SBC'''
+
 
+
'''Real Time IP Communications are Complex'''
+
 
+
* Sessions initiated from inside or outside firewalls – NAT
+
* QOS is needed to provide voice quality over internet
+
* Interoperability problem between vendors
+
  
 
'''Security and Fraud'''
 
'''Security and Fraud'''

2015年11月11日 (三) 21:57的版本

SBC 用例介绍

Sangoma SBC 作为一个介于两个网络之间的接口:

  • 解决防火墙和NAT问题
  • 规范和修复SIP消息
  • 通过运营商使用SIP中继注册
  • 网络拓扑隐藏
  • 提供对SIP和Voice(TLS,SRTP)安全保护
  • 编码转换

sbc-overview%5B1%5D.png


为什么使用SBC

实时IP通信越来越复杂

  • SIP会话从内网或者外网发起,可能有NAT问题。
  • QOS 是非常必要的
  • 厂家之间的兼容性问题需要解决

Security and Fraud

  • State full session security
  • Media security and encryption
  • Session Limits: call per second, max calls per user
  • Intrusion detection and prevention

Standard Firewalls are not enough

  • Unlike firewalls SBC maintains session state
  • SBC opens pin holes for ports associated with the session
  • The firewall will close and reopen different port numbers breaking the session
  • SBC inspects, controls and manipulates all network layers: 2 to 7
  • The firewall only works on layer: 2 to 4 (IP/TCP)

Enterprise Security Threats

Denial of Services

  • Call/registrationoverlaod
  • Malformed messages (fuzzing)
  • Configuration errors
  • Mis-configured devices
  • Operator and applicatoin errors

 

Theft of service / Fraud

  • Unauthorized users
  • Unauthorized media types

BYOD

  • Smartphones running unauthorized apps
  • Viruses and Malware  attacks your VoIP network

Firewall is not enough

Traditional firewalls cannot:

  • Prevent SIP-specific overload / SIP DOS
  • Open/Close RTP media ports in sync with SIP signaling
  • Track session state and provide uninterrupted service
  • Perform inter-networking  or security on encrypted sessions
  • Solve multi-vendor SIP interoperability
  • Topology Hiding

 

SBC do all of the above.

 

 

取自“http://freepbx.org.cn/wiki/index.php?title=SIP用例&oldid=599