|
 |
 |
| Firewalls/Proxy Servers |
|
 IX66 AirSIP Wi-Fi Access Point
SIP capable firewall that protects your PC or LAN. Connects to your
PC or LAN via 10/100 mbps Ethernet or USB port. The router in the
IX66 connects your PC and other networked equipment to the Internet.
You get your own Local Area Network (LAN). |
 |
Functions
•Access Router
•2 Ethernet Ports
•USB port
•Keys and display
•Compact flash slot for wireless PRISM-based 802.11b card
•Packet Filtering Firewall with SPI
•Selectable firewall tightness
•SIP Support
Technical
Specification |
| General |
| Processor |
ARM9 |
| System Support |
OS Independent |
| Operating System |
VXWorks |
| Certifications |
CE, FCC, UL |
| Throughput |
10 Mbit/s |
| Remote Configuration |
Remote management and remote
firmware upgrading |
| Protocol |
RFC1483, PPPoE, PPPoA, IP, TCP,
UDP, ICMP, DHCP, HTTP, FTP, SIP, SNMP, POP3, CHAP, PAP |
| Management |
| Firmware Upgradeable |
Manual check for new release |
| Configuration |
Built-in web server, Telnet |
| DHCP |
Client and Server |
| Log |
System and security log. Logs can be sent to an external syslog server.
|
| Console |
| Physical Dimension |
180x130x25 mm |
| Weight |
0,3 kg |
| LED Indicators |
Air, USB, ET1, ET2, WAN, TXD,
RXD (Activity) |
| Display |
Three Digit LED for speed and
status information |
| Media Interfaces (Ports) |
USB: USB Specification 1.0 and
1.1 |
| |
ET1: 1 x 10/100 Base-T (RJ 45),
IEEE 802.3 and 802.3u Compliant |
| |
ET2: 1 x 10/100 Base-T (RJ 45),
IEEE 802.3 and 802.3u Compliant |
| Electronic Specifications |
Input Power 9V DC, 600 mA |
| Cabling Type |
10BaseT: UTP Category 3 or better
100BaseTX: UTP Category 5 or better
USB: USB CableEXP: Telephony
cabling |
| Security |
| Firewall |
General rule based packet filtering
Stateful inspection
Proxy
Port redirection
NAT+NAPT
DMZ Hosting |
| Application Support |
FTP, Ping (ICMP), SIP (see below) |
| Game Support |
Quake, Quake 3
Peer-to-peer (e.g.
Quake 2)
battle.net (e.g. Starcraft) |
| Password protection |
Blocks unauthorised users from
changing configuration settings |
| VPN Functionality |
VPN pass through
IPSec (ESP tunneling
mode, one client)
PPTP (one client)
SSH (multiple clients) |
| Wireless |
| Wireless |
IEEE 11 Mbps Direct Sequence
Spread Spectrum (DSSS) |
| Wireless Access Point Security |
WEP encryption 64 and 128 bits |
| Wireless CF Cards Supported |
802.11b cards using standard
intersil PRISM 2.0, 2.5, or 3.0 chipset. |
| Session
Initiation Protocol (SIP) |
| SIP Support |
IETF protocol for sessions over
Internet (e.g. IP Telephony), RFC2543 |
| Transport Protocol |
UDP, TCP |
| SIP Proxy |
Firewall awareness (controls
firewall)
Parallel Forking
Session Timer |
| SIP Registrar |
Up to 5 users, upgrades available
to allow for a larger number of registered users.
SIP clients are
automatically registered allowing the proxy to route the requests
correctly and to open/route the media streams to the correct user. |
Ingate
SIParators™
Your company is communications intensive and you want access to
the best in real time person-to-person IP communications. The Ingate
SIParator™ is a product that seamlessly works with your existing
firewall, allowing employees to utilize SIP-based applications.
Internet,
the LAN and Firewalls
Every business has a Local Area Network (LAN) with Internet access. To maintain
privacy and security on the LAN, it is protected and separated from the public
Internet by a firewall. Current firewalls are designed to allow communication
from computers on the LAN, behind the firewall, to servers on the Internet and
to allow sharing of one single public IP address. Today, there are more efficient
methods of Internet communications,
including presence, instant messaging (IM), conferencing and VoIP. However, these
applications require that SIP capabilities are added to the existing firewall.
The Ingate SIParator™ is the only product of its kind and allows you
to add SIP transparency to your network. The SIParator™ is designed to
support a full range of capacity requirements and is compatible with all commercially
available firewalls.
The Ingate SIParator™ performs all SIP proxy and registrar functions.
The registrar holds the private IP addresses of the users inside your network,
allowing the SIParator™ to relay SIP signalling. Once the session has
been initiated, the agreed UDP or TCP ports are opened and the SIParator™ relays
the media streams. This functionality enables SIP communications also to and
from NATed networks. Ingate® offers SIParators™ for small, medium
and large enterprises. The SIParator™ can be configured as a part of
the DMZ or in a standalone mode. In both cases, the benefits of SIP-based communications
can be added to the network simply and easily.
SIP
transparency
Existing commercially available firewalls prevent delivery of realtime SIP-based
communications. Some existing firewalls will allow SIP messages through port
5060, but media stream is not supported. Using Ingate’s SIP technology,
this problem is solved. The Ingate SIP proxy negotiates between the two end points
and dynamically opens the media ports in the SIParator™ necessary to allow
the traffic to flow. Enterprises that want the time and cost saving benefits
of interoperable, universal realtime communications without replacing their existing
firewall can purchase a one-box solution: the Ingate SIParator™.
All Ingate SIParators™ are cost-effective and scalable, designed to
meet the needs of today’s dynamic enterprises. For more information,
please visit their website at www.ingate.com
Configuration
1: DMZ
The Ingate SIParator™ connects to the existing firewall through the DMZ
interface. All traffic will pass through the existing firewall. The configuration
requires that a static range of UDP and TCP ports are opened between the Internet
and the SIParator™ and between the SIParator™ and the LAN. SIP clients
on the LAN need to have the SIParator™ defined as their outgoing proxy
or be referred to it via DNS. The firewall continues to control security, but
SIP traffic is routed to the LAN only via the SIParator™.
Configuration
2: DMZ/LAN
The Ingate SIParator™ connects to the DMZ of the existing firewall and
to the LAN. This means that SIP traffic and media streams only have to pass through
the existing firewall once (or not at all for calls inside the office). A static
range of UDP and TCP ports need to be opened in the firewall between the Internet
and the SIParator™. SIP clients on the LAN need to have the SIParator™ defined
as their outgoing proxy or be referred to it via DNS.
Configuration
3: Standalone
The Ingate SIParator™ connects to both the LAN and the Internet, operating
entirely in parallel with the existing firewall. The SIParator™ will only
handle SIP signalling and media streams; everything else will pass through the
existing firewall. This setup has no requirements for the existing firewall and
requires no configuration changes. SIP clients on the LAN need to have the SIParator™ defined
as their outgoing proxy or be referred to it via DNS.
Technical
Specifications Ingate SIParators™
| Feature |
Ingate
SIParator
20 |
Ingate
SIParator
40 |
Ingate
SIParator
80 |
Ingate
SIParator
88 |
| Processor |
VIA C3, 533 |
Celeron 566 |
Athlon XP 1800+ |
Athlon MP 1800+ |
| Interfaces (10/100 Mbit/s) |
2 |
2 |
2 |
2 |
| Interfaces (1Gbit/s) |
No |
No |
Yes |
Yes |
| Redundant Power Supply |
No |
No |
No |
Yes |
Dimensions
WxDxH - mm |
220x254x44 |
482.6x254x44 |
482.6x450x177 |
482.6x450x177 |
Dimensions
WxDxH - inch |
8.66"x10"x1.75" |
19"x10"x1.75" |
19"x18"x7" |
19"x18"x7" |
| Certifications |
CE, FCC, UL |
CE, FCC, UL |
CE, FCC, UL |
CE, FCC, UL |
| Management |
|
|
|
|
| Automatic check for new release |
Yes |
Yes |
Yes |
Yes |
| Web GUI |
Yes |
Yes |
Yes |
Yes |
| DHCP Client |
Yes |
Yes |
Yes |
Yes |
| SNMP |
Yes |
Yes |
Yes |
Yes |
| Internal log to HD |
Yes |
Yes |
Yes |
Yes |
| Syslog |
Yes |
Yes |
Yes |
Yes |
| E-mail events |
Yes |
Yes |
Yes |
Yes |
| Free software upgrades |
Yes |
Yes |
Yes |
Yes |
| SIP Functionality |
|
|
|
|
| SIP Proxy |
Yes |
Yes |
Yes |
Yes |
| SIP Registrar |
Yes |
Yes |
Yes |
Yes |
| SIP traffic out & in without extra proxy |
Yes |
Yes |
Yes |
Yes |
| SIP traffic private IP addresses (MAT/PAT) |
Yes |
Yes |
Yes |
Yes |
| ILS encryption |
Yes |
Yes |
Yes |
Yes |
| SIP connectioin set up (SIP+RTP) |
0.15% |
0.15% |
<0.15% |
<0.15% |
| RTP - data delay (10mbps/100mbps network) |
0.19/0.08 ms |
0.19/0.08 ms |
0.19/0.08 ms |
0.19/0.08 ms |
| Number of concurrent RTP sessions |
50 |
180 |
400 |
800 |
| Registred SIP users included |
10 |
50 |
50 |
50 |
| Max recommended registred SIP users |
400 |
1000 |
4000 |
8000 |
SIParator
with Remote SIP Capabilities
For businesses looking to connect with home office workers and road warriors,
Ingate® Systems (www.ingate.com),
which produces and sells the world’s only fully Session Initiation Protocol (SIP)-capable enterprise firewalls, offers Remote SIP Connectivity, an applications suite that enables far-flung users to leverage the benefits of SIP-based communications already integrated into the company’s
network.
Remote SIP Connectivity gives businesses a low-cost alternative to providing SIP-capabilities to all their employees. It is the only product available today that delivers far-end NAT traversal within the firewall itself, eliminating the need for costly session border controllers in the corporate environment.
Remote SIP Connectivity is being launched in conjunction with a new software
release version 4.1.0 for all Ingate Firewall® and Ingate SIParator® products.
Ingate Remote SIP Connectivity -Ingate’s award-winning products have
long included support for near-end NAT traversal. When connecting users to
a SIP-based VoIP network, NATs may be situated in remote locations not controlled
by the enterprise trying to implement the communications service, effectively
disrupting the VoIP connection. Far-end NAT traversal resolves this disruption
by managing the traversal of the remote NAT from a central location. Remote
SIP
Connectivity allows displaced users to traverse a majority of NAT devices for
simple call scenarios and connect with others on the global network.
Remote SIP Connectivity – which also includes a STUN server – provides
one of the most comprehensive SIP-based remote connectivity offerings on the
market.
Ideal for situations where it is not practical or economically feasible to
replace existing equipment with SIP-capable firewalls, Ingate Remote SIP Connectivity
addresses a wide range of business needs: •VoIP-enable
single users working from home offices/telecommuters and even hotel rooms – without
buying new equipment.
•For companies with staff who travel frequently,
Ingate’s solution lets
employees traverse most basic hotel NATs so they can continue to use realtime
communications while they’re away.
•Revitalize Internet-based support services
with the immediacy of “click
to talk” features.
Ingate Secure and SIP-Enabled - Ingate’s commitment to security
is evident with Remote SIP Connectivity. All Ingate products support authentication
and encrypted signalling. This prevents
unauthorized contact, and does allow financial service organizations, ISPs
and corporations to link with the remote site without risking eavesdropping.
Inspection
of the SIP signalling remains in place, preventing unwanted network intrusions.
Remote SIP Connectivity is available for all Ingate Firewalls and SIParators New
Software Release Version 4.1.0 - Ingate’s new software boasts
several new features, including:
•Support for authentication of SIP users from an external RADIUS server.
•More flexible NAT configurations, including
the ability to choose which public IP addresses should be the sender when using
NAT.
•VPN improvements including renegotiation
of VPN tunnels and a VPN status page. Version 4.1.0 also allows for VPN between
dynamic IP addresses.
•A DHCP-server, assigning IP addresses to
clients on the LAN.
•Support for multiple redundant DNS-servers
has also been incorporated.
•Improvements when handling certificates.
•The user interface has been enhanced, with
particular emphasis on the SIP section.
•Improved logging of IP-packets and IPsec
negotiations. |
| TOP |
|
BPO/Contact
Center Solutions
