Information HG 1500 V3.0 IP communication in medium-size companies



Similar documents

OpenScape Business V2

Information. HiPath 2000 V2. IP communication for small and medium-sized companies. Siemens Enterprise Communications:

#!) * & /! $* - 01 $& -$ 2 1 $& -# 32# $- - + $- -*!45 $-

Into the future with IP communication. HiPath

Voice over IP for small companies and offices. HiPath BizIP.

OpenScape Business V2

OpenScape Business V1

Information. Communication for the open minded. Siemens Enterprise Communications

Version Date Status Owner Released for HiPath OpenOffice ME V1 F. Kneissl / K.-W. Weigt

VPN. VPN For BIPAC 741/743GE

OpenScape Business V2

OpenScape Business V1

Documentation. HiPath TAPI 120 V2.0 Installation and Configuration. Communication for the open minded. Administrator Documentation

Chapter 5. Data Communication And Internet Technology

Remote Connectivity for mysap.com Solutions over the Internet Technical Specification

Objectives. Remote Connection Options. Teleworking. Connecting Teleworkers to the Corporate WAN. Providing Teleworker Services

Information. Siemens Enterprise Communications

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

Information. Communication for the open minded. Siemens Enterprise Communications

Commerzbank AG: Voice over IP in the branch of the future. Open Communication references.


IP communications for smaller companies. HiPath

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

Information OpenScape UC Application OpenScape Personal Edition

Information. HiPath 3000 V7 HiPath 3000 the innovative communications solution for Internet telephony in small and medium enterprises

Documentation. OpenScape Business V1, TAPI 170 Installation and Configuration. Administrator Documentation P31003-P3010-M A9

1ISDN. August Software Reference ISDN 1

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

R&S IP-GATE IP gateway for R&S MKS9680 encryption devices

Technical papers Virtual private networks

HiPath 3000 V6.0. High-Performance Modular Communications Platform for Small and Medium-Sized Enterprises

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Overview. Unified Communications

Information HiPath OpenOffice ME IP communication for small and medium-sized companies

Whitepaper IPv6. OpenScape UC Suite IPv6 Transition Strategy

Application Note: Onsight Device VPN Configuration V1.1

L2F Case Study Overview

ZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004

Introduction. Technology background

Enterprise Edge Communications Manager. Data Capabilities

Multiprotocol router with X.21 and ISDN bintec R4300


Understand Wide Area Networks (WANs)

Contents. Features Major Functions. Detailed Specifications. c SAMSUNG Electronics Co.,Ltd.

VPN Solutions SECURITY SOFTWARE. Product Information

Cisco Which VPN Solution is Right for You?

CCNA Security 1.1 Instructional Resource

Common Remote Service Platform (crsp) Security Concept


VPN. Date: 4/15/2004 By: Heena Patel

Increased Productivity

Cisco Cisco 3845 X X X X X X X X X X X X X X X X X X

IP Office - Small Office Edition IP406 IP412 Office

Introduction to Security and PIX Firewall

Integrated Services Router with the "AIM-VPN/SSL" Module

Unify Certified Communication Program

4. H.323 Components. VOIP, Version 1.6e T.O.P. BusinessInteractive GmbH Page 1 of 19

DSL-2600U. User Manual V 1.0

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Data Sheet. NCP Secure Enterprise Client Windows. Next Generation Network Access Technology

1 Which network type is a specifically designed configuration of computers and other devices located within a confined area? A Peer-to-peer network

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Sweex Wireless BroadBand Router + 4 port switch + print server

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

Case Study for Layer 3 Authentication and Encryption

Overview. Protocols. VPN and Firewalls

Information. HiPath 500 V7 The Professional Communications System for Small Businesses and Offices. Communication for the open minded

SIP Trunking with Microsoft Office Communication Server 2007 R2

IPsec VPN Security between Aruba Remote Access Points and Mobility Controllers

Failsafe WAN, VoIP, IVRS & LAN connectivity

Information. OpenScapeOfficeMX The Unified Communications solution for small and mediumsized

Compact PBX IP302. Mains adapter (primary: V, 50 Hz, secondary: 40V DC 375mA) or Power over LAN (IEEE 802.3af)

NAVAN CNX200 Office-in-a-Box Solution for Small Businesses

AP200 VoIP Gateway Series Design Features & Concept AddPac R&D Center

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

TK C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router

The BANDIT Products in Virtual Private Networks

How Virtual Private Networks Work

Connecting Remote Users to Your Network with Windows Server 2003

R&S IP-GATE IP gateway for ISDN encryption devices

ISG50 Application Note Version 1.0 June, 2011

Integrated Services Router with the "AIM-VPN/SSL" Module

The BANDIT Device in the Network

VPN VPN requirements Encryption VPN-Types Protocols VPN and Firewalls

HiPath The professional communications system for medium-sized enterprises.

SIP Trunking Configuration with

Contents Introduction Why Fax over IP? How Real-time Fax over IP works Implementation with MessagePlus/Open Summary. About this document

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Internet Broadband Router XRT-501. Quick Installation Guide

Configuration of Applied VoIP Sip Trunks with the Toshiba CIX40, 100, 200 and 670

The communications system for medium-sized enterprises. HiPath

Virtual Private Network and Remote Access Setup

300Mbps Wireless N VoIP VDSL/ADSL Modem Router

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Virtual Private Network and Remote Access

ICTTEN8195B Evaluate and apply network security

Transcription:

Information HG 1500 V3.0 IP communication in medium-size companies HG 1500 is the LAN and gateway board for the HiPath 3000 Real Time IP system for small and medium-size companies. HG 1500 permits you to directly connect Ethernet LANs (10/100 Mbit/s) and ITSPs (Internet Telephony Service Provider) to HiPath 3000 systems, thus allowing Voice over IP (VoIP) in public and corporate networks. Communication for the open minded Siemens Enterprise Communications www.siemens.com/open

HG 1500 includes an H.323 gateway SIP Registrar which supports standardized voice communication over IP networks (Voice-over-IP. HG 1500 V3.0 enables the encryption of voice and signaling data on the intranet and permits Virtual Private Networks (VPN) to be set up using fast and economical Internet connections. IPSec encryption and authentication mechanisms allow secure remote networks and secure access for teleworkers, while also enabling external partners to be included in the business communication flow. HG 1500 V3.0 connects the HiPath 3000 Real Time IP systems to the customer s Ethernet LAN. Features from the traditional telecommunication world and other applications are provided on the relevant terminals based on IP protocols. This enables communication solutions with multi-station capability to be implemented: Voice over IP (VoIP) in the public/corporate network Connection to Internet Telephony Service Providers (ITSP) via the SIP protocol Voice gateway between traditional telephone/voice networks and VoIP networks using H.323, CorNet IP und SIP protocols IP Networking and Virtual Private Networking (VPN) For economic and flexible connectivity between locations Encryption of voice and signaling data between users and on the network LAN-LAN coupling via ISDN Remote LAN access/teleworking Fax (T.30/T.38) / modem over IP in the network Internet access Computer Telephony Integration (CTI) Telematic services such as fax transmission and Eurofile Transfer Platform for 3 rd party applications such as IP accounting Standard based network management with SNMP, i.e. administration, alarm and performance management in a central management platform. Voice over IP clients opticlient 130 IP telephony at the user's PC OpenStage HFA The new IP telephone family for Real Time IP Systems (CorNet IP) optipoint 410/420 families (CorNet IP and SIP variants) Connection of standard SIP devices (opti- Point 150 S, for example) optipoint WL2 professional V1.0 Professional WLAN phone for the Voiceover-WLAN market opticlient Attendant V8.0 PC Attendant Console AP 1120 SIP Connection of analog devices via an IP network Certified H.323/SIP clients Internet access Dynamic IP addressing from an Internet service provider (ISP) Internet access using one Internet provider IP address and Network Address Translation (NAT/NAPT), i.e. cost-effective solution for all PCs in the network Internet access via ISDN Dynamic or static channel bundling (load-dependent B channel switching) The Internet Provider must also support these features. Internet access via xdsl lines or fixed Internet connections Access control ISDN call number checking Automatic callback without setting up an ISDN toll call IP address verification MAC firewall (checking the MAC/IP address combination in the internal LAN) Stateful packet filter IP address-based service release/block Protection against denial of service attacks

IP networking Using the HG 1500 it is possible to network HiPath 2000, HiPath 3000 and HiPath 4000 and HiPath 5000 systems with each other via IP. Up to 1,000 users and 32 nodes can exist in a HiPath network. Second LAN interface HG 1500 has a second LAN interface. This can be used for an ADSL line or to connect behind a 3 rd-party SDSL router in order to provide faster Internet access. Alternatively, the second LAN interface can be used for connecting two LAN segments (LAN-LAN). Remote LAN access By linking PCs that are installed outside the corporate LAN, an authorized external group of people can have access to central applications and information on the LAN. This means home workstation users can access the same LAN services as users of PCs connected to the corporate LAN (data, e- mail, PC programs). Virtual Private Networking Thanks to the integrated VPN gateway HG 1500 V3.0, HiPath 3000 offers a secure and flexible solution for networking locations and allows teleworker remote access via the cost effective infrastructure of the public Internet. An integrated Light Weight Certification Authority (LWCA) enables certificates to be generated for the purpose of secure authentication of VPN users. The VPN Client Software provides a secure connection from the teleworker's PC to the HG 1500 V3.0 VPN Gateway within the company. This means that central applications are available throughout the network. LAN-LAN coupling Through LAN-LAN coupling, Ethernet LANs at different locations are linked into a single corporate network using ISDN dialup lines. This makes it possible for outside locations to access central files or files at other locations, thereby meeting the requirement for interactively combining workflows in organizational units at different locations. Dynamic channel bundling In the case of LAN-LAN coupling via ISDN up to 16 B channels are bundled automatically depending on the transmission volume and the application packages implemented. The threshold values for dynamic channel bundling can be set. The number of B channels can be configured for each routing partner.

Encryption Together with the integrated IP gateway HG1500, HiPath 3000 offers a solution for tap-proof communication based on international security standards. The solution is based on international standards. The call data is encrypted between gateways using the Secure Realtime Transport Protocol (SRTP, RFC 3711), and the CorNet IP signaling protocol is encrypted using AES (Advanced Encryption Standard). The decisive advantage of this solution is that no additional software or hardware is needed for the encryption and decryption processes. Encryption and decryption are performed locally at the physical endpoints of the connection (at the terminal or gateway) and are already integrated in the system. The encryption can be activated on a subscriberby-subscriber basis. Administration In the case of HG 1500 V3.0, all the important functions can be configured via Web- Based Management (WBM) from the IP network. Microsoft Internet Explorer for administration Intuitive user interface Secure administration via SSL/TLS Administration, maintenance, and software upgrading on site or via remote Administration & Maintenance Own administration by the customer via LAN SNMP (Simple Network Management Protocol) for incorporation in a network management system. IP accounting The cost of Internet access can be tracked through IP accounting with TeleData Office V3.0: HG 1500 provides an internal interface by means of which TeleData Office V3.0 charge solutions can also collect and evaluate charge rates for pure data connections. Computer Telephony Integration (CTI) The Smartset 2000 for ISDN software is an application for computer-supported dialing using the LAN. This solution can be employed for analog and digital terminals. Telematic services Access to telematic services is provided via, for example, the Fritz!32 telematic software. This ensures the transmission of fax reports and files to/from any PC. Group 3 fax up to 14,400 bps Fax-on-Demand in receive direction ISDN file transfer Customer benefits Advantages for users Standard protocols and interfaces supported Flexible connection to a wide range to 3 rd party applications for CTI, Unified Messaging and telematic functions Strategic benefits Gradual or complete migration of voice communication to the IP network Investment protection: Existing technology can continue to be used Flexible design of the corporate network in terms of bandwidth, scalability and choice of access media Business processes protected by VPN Implementation of modern workstation models (tele/mobile workers) Increase efficiency for mobile workers due to secure access to business information when travelling Short to medium-term return on investment for your network solution Cost saving Use of cost effective, fast, broadband Internet access as an alternative to expensive IP or TDM dedicated lines Only one infrastructure used, reducing investment and administration costs Reduced administration effort for MACs (Moves, Adds, Changes) Saving on external routers and ISDN cards: Flexible use of HiPath 3000 ISDN trunk lines (depending on required bandwidth) Use of LCR intelligence of HiPath system for voice, fax and data communication Reduced call charges with short-hold function Basic package HG 1500 V3.0 incl. 2 B channels TAPI 120 V2.0 1 st party TAPI service provider for connecting up to 6 clients in smaller networks Windows driver for CAPI 2.0 interface Documentation Expansion options License for every further B channel Expansion Module PDM1 for 8 additional B channels. Hardware module to expand from 8 to max 16 B channels for HiPath 33x0 and HiPath 35x0; from 16 to a maximum of 32 B channels with HiPath 37x0 and HiPath 3800 ComScendo license for IP WorkPoints on HiPath 3000/5000 V7 VPN Client Light Weight Certification Authority (LW- CA) package TAPI 120 V2.0 1 st party TAPI service provider for connecting more than 6 clients. The supplied CSTA Message Dispatcher (CMD) should be installed. Available for delivery in different expansion packages. TAPI 170 V2.0 (TAPI driver for connecting TAPI-enabled 3 rd -party applications) 3 rd - party TAPI Service Provider. Available for delivery in various basic and expansion packages. Smartset 2000 for ISDN (CTI application for PC-supported telephony) Fritz!32 telematic software Routing application package DSL Routing application package Product software HG 1500 V3.0 for HiPath 3000 V7

Technical data at a glance System requirements HiPath 3000 V7 At least one Euro-ISDN basic access (connection to the network or another HiPath system) At least one free slot in the basic system Maximum number of HG 1500 Gateways that can be used in the system HiPath 3300/3350: 1 gateway HiPath 3500/3550: 3 gateways HiPath 3800: 4 gateways per box 8 gateways per system Interfaces S 0 -Basic Rate Interface (BRI) with DSS1 protocol system interface multidevice interface S 2M -Primary Rate Interface (PRI) with DSS1 protocol Ethernet interfaces: 10/100 Mbit/s 10/100 Mbit/s (DSL with PPPoE/PPTP) PC / LAN Microsoft Windows 2000/XP/Vista Microsoft Internet Explorer 5.5/6.0 Network protocol TCP/IP System environment Switched LAN 10/100 BaseT Client/Server and peer-to-peer-networks with TCP/IP protocol Network topology HG 1500 supports Ethernet LANs and is configured for twisted pair port (RJ45) as standard. Protocols Voice over IP: H.323 acording to ITU CorNet IP SIP QV2 SIP according to RFC STUN Voice coding: G.711 G.723.1 G.729A/AB Fax over IP T.30 (Fax over G.711) T.38 G.168 compliant echo compensation Point-to-point protocols and features: PPPoE PPTP PPP compression MPPC/STAC PPP/PPP multilink Static and dynamic bandwidth management Voice over PPP Remote access: Analog V.34 Analog V.90 GSM V.110 bit rate adaptation ISDN CAPI 2.0 interface TAPI 2.2/3.0 interface Quality of Service Quality of Service Layer 2 IEEE 802.1p Quality of Service Layer 3 Type of Service (ToS)/IP Precedence DiffServ Access control/firewall/other security functions/miscellaneous Callback for registered station numbers (RAS) PAP CHAP NAT/NAPT MAC address filtering IP address filtering Stateful Packet Filter Denial of service protection Encryption SRTP (Secure Real Time Protocol) for encryption of voice data Signaling encryption H.235 Authentication and integrity IP mapping Secure administration Web-based management via SSL/TLS Bandwidth control Reservation of bandwidth for voice and data Dynamic control of jitter buffer SNTP server LDAP v2 interface VPN protocols IPSec protocols Encapsulating Security Payload (ESP) Tunnel mode encapsulation Key management Internet Key Exchange (IKE) Diffie-Hellman algorithms Oakley groups 1, 2 and 5 Main mode/aggressive mode Perfect Forward Secrecy (PFS) Export/import in PKCS#12 format Symmetric encryption algorithms DES 3DES AES Hash algorithms HMAC-MD5 HMAC-SHA1 Public Key algorithms Rivest, Shamir, Adleman (RSA) Digital Signature Algorithm (DSA) Authentication Preshared Keys X.509v3 certificates PKI (Public Key Infrastructure) Certification Authority Integrated Light Weight CA (LWCA) Private or public PKI

Copyright Siemens Enterprise Communications GmbH & Co. KG Siemens Enterprise Communications GmbH & Co. KG is a Trademark Licensee of Siemens AG Hofmannstr. 51, D-80200 Munich; 03/2009 Reference No.: A31002-G2500-A180-8-7629 Communication for the open minded Siemens Enterprise Communications www.siemens.com/open The information provided in this brochure contains merely general descriptions or characteristics of performance which in case of actual use do not always apply as described or which may change as a result of further development of the products. An obligation to provide the respective characteristics shall only exist if expressly agreed in the terms of contract. Availability and technical specifications are subject to change without notice. OpenScape, OpenStage and HiPath are registered trademarks of Siemens Enterprise Communications GmbH & Co. KG. All other company, brand, product and service names are trademarks or registered trademarks of their respective holders. Printed in Germany