Secure SIP Trunking
SIP trunking between an enterprise IP PBX and carriers
The most common solution for enterprises with a local IP-PBX to connect to the PSTN is via a local PSTN gateway. However, today more and more service providers offer one single connection for both data and voice between the carrier and the enterprise. This is commonly called a SIP trunk. For the enterprise this means that they no longer need either the local PSTN gateway or costly PRI/BRI’s as the local IP-PBX can be connected to the service provider’s PSTN gateways over the Internet.
The SIP Trunking software module, working in conjunction with an Ingate Firewall or SIParator, solves the Network Address Translation (NAT) traversal issues that are faced by businesses using a SIP trunk. Together, they control both incoming and outgoing communications and route the communication to the intended users. All voice traffic (as well as data traffic) must traverse the enterprise firewall/NAT. However, SIP traffic cannot traverse traditional enterprise firewalls and NAT devices. As a result, the firewall/NAT device blocks all SIP traffic, which includes VoIP. Ingate resolves this issue, enabling enterprises to utilize SIP trunks and enjoy the benefits of SIP trunking while maintaining the security and integrity of their network.
A cost-efficient solution, the SIP trunk reduces monthly expenses for the enterprise as they:
- Only need one connection for both data and voice
- No longer need PRI/BRI connections
- Don’t have to buy or maintain a local PSTN-gateway
Firewalls and Benefits of Proxy-Based Solutions -- Technical details
The Ingate Firewall® or Ingate SIParator® solves the basic problem of firewall and NAT traversal using a SIP proxy-based implementation. The SIP proxy is a complete solution to the firewall and NAT traversal issues introduced by the enterprise firewall. A proxy is designed to briefly stop the signaling packets so that each one can be inspected before the header information is rewritten. The SIP proxy also makes sure the packets are delivered to the appropriate endpoints. This provides the enterprise with a flexible, controlled implementation of SIP-based communications that also maintains voice/video quality. Ingate Firewalls and SIParators offer a number of advantages:
- Near-end NAT traversal for connecting SIP communications between an enterprise and a carrier
- Dynamically open and close the media ports to admit voice or video on both UDP and TCP ports
- Encryption for communication privacy and prevention of eavesdropping. Include termination, transcoding and passthrough of TLS and SRTP
- Authentication and registration at the carrier side
- Give priority of voice traffic using the Ingate Quality of Service features
- ENUM look-up to route the call IP-IP all the way if possible
- Least cost routing of international calls
Ingate has confirmed interoperability several of the leading IP-PBX vendors and ITSPs. See the full list here.
Startup Tool for SIP Trunking
The Startup Tool is an installation tool for Ingate Firewall® and Ingate SIParator® products using the Ingate SIP Trunking software module, which facilitates the setup of complete SIP trunking solutions. The tool will automatically configure a user’s Ingate Firewall or SIParator to work with the IP-PBX or SIP trunking service provider of their choice. With the push of a button, the configuration tool will automatically create a SIP trunk connection designed to the user’s individual setup.
For additional information on Ingate SIP trunking solution please contact firstname.lastname@example.org.