Document Sample
SOLUTION PAPER Powered By Docstoc

An introduction to secure VoIP
Take advantage of VoIP without the risks

administrator will have only one system to administer with increased security and lower cost as a result. The AppGate system can also give remote users access to the internal VoIP server. It protects the call while being transmitted over the Internet against eavesdropping and modification. The AppGate system is built for mobility to support everyday use in an efficient way: • Automatic reconnects restores the connection with the network if it is dropped. It is not necessary for the user to log in to the system again after a lost connection. • Roaming functionality makes it possible to switch between networks without user intervention. For example when a device switches from one network to another. • Different access rights depending on type of device. For example, the use of VoIP can be granted to all corporate employees regardless of location and device being used, whereas access to other services such as email or file shares on the corporate network can be limited to certain users or systems. Many other solutions can only offer full access or no access, which may not be a good option. • Support for a large number of authentication systems. The system may, for example, allow VoIP calls using a plain username/password authentication whereas other data access would require a token device. The system owner has full freedom to define access rules and conditions for each service being offered. • The AppGate system can even make sure that user PCs are secured with the integrated Personal Firewall. It can check the configuration of the devices through the built-in “client check” capability before granting access. AppGate for total secure access We have introduced a new way to administer security in the network. Through the concept of Single Point of Power, it is possible to control all accesses to all applications from one place. The system has many other benefits that are very appreciated by system administrators: • Works with any authentication system. Many systems can even be in use at the • same time. Active Directory, LDAP and RADIUS are of course supported. • Powerful rules sets. It is possible to specify in detail how and under what circumstances every service should be available.

The Voice over IP (VoIP) technology provides organisations an opportunity for cost savings and increased control over internal telephony. It provides many advantages over the “old world” technology. It is now possible to go almost anywhere and still be reachable through the office phone number. For both internal and external callers, the mobile user will still be available through the regular extension number. The use of soft phones is also a new possibility and allows users to use virtually any mobile device to place the calls and many implementations also offer the possibility to attach documents to the phone call. Cost savings is an obvious benefit especially when international calls are involved. All the users need is a network connection. Voice over IP and security But no new technology without some problems. Since VoIP traffic is sent over normal networks such as the Internet, it faces the same security problems as all other traffic. Encryption and secure authentication must be an integral part of the system. Unauthorised external users should not be able to use the internal phone system and “local calls” between corporate employees should be private regardless of the callers’ locations. Due to the nature of VoIP, the security solution must have special features. First, VoIP normally uses the UDP protocol which is not commonly supported by VPN systems. The system must also support reverse connections, i.e. that the server contacts the clients through the VPN system. In addition, the delays through the system must be low to make it possible to offer good quality of the phone service. For ease of use, administration and cost reasons, the security solution should be easy to deploy and ideally also be the same as the security solution used for all other data traffic. Finally, to be able to use different devices for VoIP, the security solution must also have wide client platform support. The AppGate solution The AppGate solution supports secure connections regardless of device, transmission type (wired or wireless) or application. It makes it possible to access all important business information whenever it is needed, through one security system. Consequently the system

• Detailed logging system that makes it possible to have complete control of the security system and all activities. • Firewall friendly protocol. It is easy for users to connect to the security system through almost all types of network devices. • Cluster technology makes it easy to build highly reliable and high-performance server solutions.

For more information please visit us at or send us an email at

The use of “soft phones” makes it possible to use almost any mobile device to connect to the corporate phone system in a secure way.

Partner or! customer!

Application data!

AppGate ! Security ! Server! Application server!

Mac! Application server! PC!

Mobile client!