DOCSLIB.ORG

Security Management Fundamentals

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Management Fundamentals Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 . Document status: Standard Document version: 01.46 Document date: 31 October 2007 Copyright © 2008, Nortel Networks All Rights Reserved. LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. Sourced in Canada Nortel, the Nortel Logo, the Globemark, SL-1, Meridian 1, and Succession are trademarks of Nortel Networks. Entrust is a trademark of Entrust, Inc. Verisign and Thawte are trademarks of Verisign, Inc. VxWorks is a trademark of Wind River Systems, Inc. All other trademarks are the property of their respective owners. 3 Revision History October 2007 Standard 01.46 This document is up-issued to support Communication Server 1000 (CS 1000) Release 5.0, and to reflect changes in technical content related to password reset procedures. October 2007 Standard 01.42 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content related to Intrasystem Signaling Security Solution (ISSS) configuration. September 2007 Standard 01.34 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content related primarily to ISSS configuration. June 2007 Standard 01.13 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content, including changes to information about SIP TLS and ISSS configuration. May 2007 Standard 01.06 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content, including changes to information about SIP TLS configuration, and corrections to statements about password conversion. May 2007 Standard 01.03 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content, including changes to information about Media Security configuration. May 2007 Standard 01.02 This document is up-issued to support CS 1000 Release 5.0, and to reflect changes in technical content, including changes to NKEY configuration ranges. Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 01.46 Standard Release 5.0 31 October 2007 Copyright © 2008, Nortel Networks . 4 Revision History May 2007 Standard 01.01 This document is issued to support CS 1000 Release 5.0 This document contains information about security features that are new in CS 1000 Release 5.0, and about changes to existing security features. This document also contains information previously contained in the following legacy document, now retired: System Security Management (553-3001-302) Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 01.46 Standard Release 5.0 31 October 2007 Copyright © 2008, Nortel Networks . 5 Contents New in this release 15 New security features in CS 1000 Release 5.0 15 Comprehensive security solution 16 Other changes 16 Document restructuring and renaming 17 How to get help 19 Getting help from the Nortel Web site 19 Getting help over the telephone from a Nortel Solutions Center 19 Getting help from a specialist by using an Express Routing Code 19 Getting help through a Nortel distributor or reseller 20 Introduction 21 Purpose 21 Navigation 21 Other security information 22 About this document 22 Subject 23 Intended audience 24 Terminology conventions 24 Recommended security practices 25 Recommendations for OAM security 25 Recommended password management practices 25 Upgrading user names from an earlier release 26 Recommendations to protect confidentiality 27 ISSS/IPsec recommendations 27 TLS security for SIP trunks recommendations 27 Media Security recommendations 27 Recommendations for security administration 27 Shell Access Control 28 Certificates 28 Single sign-on cookie domain 29 Certificate management 29 Upgrade from an earlier release 30 Recommendations to protect IP Phones 30 Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 01.46 Standard Release 5.0 31 October 2007 Copyright © 2008, Nortel Networks . 6 Contents Prevent GARP spoof attacks 30 Enable layer 2 authentication for IP Phones 31 Security interactions 31 ISSS and Element Manager on VxWorks signaling server 31 ISSS and Element Manager on ECM 31 ISSS and Geographic Redundancy 32 ISSS and AML 33 ISSS and other protocols 33 Media Security and call forwarding 33 Media Security and SIP phones 33 Media Security Always and CallPilot mailboxes on systems without MGC daughterboards or MC32S 34 SIP TLS security policy interaction with Failsafe NRS 34 SIP TLS interaction with SMC 2450 35 Fundamentals of system security management 37 System security overview 39 Media and signaling security overview 40 Media Security concepts 40 Security icon 41 Dependencies and supported systems 41 TLS security for SIP trunks concepts 42 General signaling security concepts 42 ISSS/IPsec 42 Secure Multimedia Controller 43 Key management concepts 43 Public-key certificate concepts 45 NRS SIP Proxy 47 User and password management concepts 48 OAM overview 48 Access control management 50 System upgrade password conversion 51 Global password settings 51 Role management in ECM 52 Security administration concepts 52 SSH and secure remote access 52 Customizable logon banner 53 ISSS 55 About ISSS 55 ISSS configuration overview 56 First-time configuration and activation of ISSS 58 Recommended methods for first-time ISSS configuration 59 Add, remove, or replace a CS 1000 system element when ISSS is enabled and active 78 Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 01.46 Standard Release 5.0 31 October 2007 Copyright © 2008, Nortel Networks . Contents 7 Recommended methods to add, remove, or replace a system element 79 Other ISSS configuration and maintenance procedures 108 ISSS configuration using Element Manager 108 ISSS configuration from the call server using overlays 116 Maintenance on Linux servers 128 Manual ISSS configuration on each device 131 Certificate Management 135 Prepare the system for certificate management 135 CA management 136 Private CA Configuration 136 Add a CA to an endpoint 141 Change the trust status of an endpoint 143 Delete a CA 144 Certificate creation and management 145 Certificate information 146 Create a certificate for Web SSL signed by the private CA 148 Create a certificate for Web SSL signed by a trusted third-party CA 153 Create a self-signed certificate for Web SSL 159 Create a certificate for SIP TLS signed by the private CA 164 Create a certificate for SIP TLS signed by a public CA 170 Create a request for a third-party CA certificate for SIP TLS when upgrading the system 176 Create a self-signed certificate for SIP TLS 183 Process a pending certificate response 187 Delete a pending certificate request 190 Create a certificate renew request for the current certificate 192 Export the current self-signed certificate 195 Export the current certificate and its private key 197 Import a certificate and its private key from a file 200 Assign an existing certificate 203 Replace the current certificate 205 Remove the current certificate 207 SIP security 211 About TLS security for SIP trunks 211 SIP TLS configuration overview 213 View SIP TLS configuration 216 Job aid: config.ini 216 TLS security for SIP trunks configuration using Element Manager 218 Configuring SIP TLS security policy 218 SIP TLS Certificate management 226 SIP TLS maintenance using CLI 226 Media Security 229 About Media Security 229 Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 01.46 Standard Release 5.0 31 October 2007 Copyright © 2008, Nortel Networks . 8 Contents Key sharing 231 Protecting the media stream using SRTP PSK 231 Protecting the media stream using SRTP USK 231 Media Security configuration using Element Manager 231 System-wide Media Security configuration 231 VTRK Class of Service configuration 234 Media Security configuration using overlays 237 System-wide Media Security configuration 237 Class of Service configuration 239 VTRK Class of Service configuration 240 Media Security configuration information 241 Media Security configuration information available using overlays 241 Media Security information available using an IP Phone 244 SIP Route information available using overlays 245 User and password management 247 Account types and roles 247 Account synchronization 248 Customer passwords 248 User and password management using overlays 249 User management 249 Password management 260 Global password settings configuration 261 Password reset 263 Multi-user login configuration using overlays 267 History File configuration using overlays 268 Password management for stand-alone Signaling Server 269 User and password management using Element Manager 269 Add a user 269 Edit an existing user 274 Synchronize a changed password 276 Edit global password settings 277 Security administration 281 Control access to the system 281 System administration port security 281 Switchroom security 282 Network facilities security 282 Refresh system keys 283 Control access to system Application Processors 284 Configure remote access 285 Manage secure shell access from the call server using overlays 285 Manage insecure shell access from the call server using overlays 286 Manage insecure shell access on Signaling Server or Voice Gateway Media Card devices using CLI 287 Nortel Communication Server 1000 Security
Load more

Recommended publications
  • Avaya Session Border Controller for Enterprise Overview and Specification
    Avaya Session Border Controller for Enterprise Overview and Specification Release 7.2.2.2 Issue 8 April 2019 © 2017-2019, Avaya Inc. YOU DO NOT WISH TO ACCEPT THESE TERMS OF USE, YOU All Rights Reserved. MUST NOT ACCESS OR USE THE HOSTED SERVICE OR AUTHORIZE ANYONE TO ACCESS OR USE THE HOSTED Notice SERVICE. While reasonable efforts have been made to ensure that the Licenses information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA the right to make changes and corrections to the information in this WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO, document without the obligation to notify any person or organization UNDER THE LINK “AVAYA SOFTWARE LICENSE TERMS (Avaya of such changes. Products)” OR SUCH SUCCESSOR SITE AS DESIGNATED BY AVAYA, ARE APPLICABLE TO ANYONE WHO DOWNLOADS, Documentation disclaimer USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED “Documentation” means information published in varying mediums FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AVAYA which may include product information, operating instructions and CHANNEL PARTNER (AS APPLICABLE) UNDER A COMMERCIAL performance specifications that are generally made available to users AGREEMENT WITH AVAYA OR AN AVAYA CHANNEL PARTNER. of products. Documentation does not include marketing materials. UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, Avaya shall not be responsible for any modifications, additions, or AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE deletions to the original published version of Documentation unless WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA such modifications, additions, or deletions were performed by or on AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA the express behalf of Avaya.
    [Show full text]
  • Security Management Fundamentals Release: 6.0 Document Revision: 03.08
    Nortel Communication Server 1000 Security Management Fundamentals Release: 6.0 Document Revision: 03.08 www.nortel.com .NN43001-604 Nortel Communication Server 1000 Release: 6.0 Publication: NN43001-604 Document release date: 14 April 2010 Copyright © 2008-2010 Nortel Networks. All Rights Reserved. While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. Nortel, Nortel Networks, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners. 3 . Contents New in this release 11 Other changes 11 Revision history 11 How to get help 15 Getting help from the Nortel Web site 15 Getting help over the telephone from a Nortel Solutions Center 15 Getting help from a specialist by using an Express Routing Code 16 Getting help through a Nortel distributor or reseller 16 Introduction 17 Purpose 17 Navigation 18 Other security information 18 About this document 19 Subject 19 Intended audience 20 Terminology conventions 20 Fundamentals of system security management 21 System security overview 23 General signaling security overview 23 Key management concepts 23 Public-key certificate concepts 25 Platform security overview 28 Unified Communications Management security services 28 Unified Communications Management security server roles 29 Security Domain Manager concepts 30 Linux security hardening 31 Internal communications security overview 36 ISSS/IPsec 36 Secure File Transfer Protocol concepts 38 Port access restrictions concepts 40 Linux Master Firewall Control 41 Media and signaling security overview 42 Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 03.08 14 April 2010 Copyright © 2008-2010 Nortel Networks.
    [Show full text]
  • Configuring 9600 Series SIP Telephones with Avaya Auratm Session Manager Release 6.0 and Avaya Auratm Communication Manager Evolution Server Release 6.0 – Issue 1.0
    Avaya Solution Interoperability Test Lab Configuring 9600 Series SIP Telephones with Avaya AuraTM Session Manager Release 6.0 and Avaya AuraTM Communication Manager Evolution Server Release 6.0 – Issue 1.0 Abstract These Application Notes describe the configuration of 9600 Series SIP Telephones with Avaya AuraTM Session Manager Release 6.0 supported by Avaya AuraTM Communication Manager Evolution Server Release 6.0. Avaya AuraTM Session Manager provides SIP proxy/routing functionality, routing SIP sessions across a TCP/IP network with centralized routing policies and registrations for SIP endpoints. Avaya AuraTM Communication Manager Evolution Server serves as an Evolution Server within the Avaya Aura™ Session Manager architecture and supports the SIP endpoints registered to Avaya AuraTM Session Manager. These Application Notes provide information for the setup, configuration, and verification of the call flows tested on this solution. DJH Reviewed: Solution Interoperability Lab Application Notes 1 of 51 SPOC 10/1/2010 ©2010 Avaya Inc. All Rights Reserved. SM6_CM-ES_R6 Table of Contents: 1. Introduction ............................................................................................................. 4 2. Equipment and Software Validated......................................................................... 5 3. Configure Avaya AuraTM Communication Manager ................................................ 6 3.1. Verify System Capacities and Licensing ................................................................. 6 3.1.1.
    [Show full text]
  • NICC ND 1035 V2.1.1 (2016-02) NICC Document
    NICC ND 1035 V2.1.1 (2016-02) NICC Document SIP Network to Network Interface Signalling NICC Standards Limited Michael Faraday House, Six Hills Way, Stevenage SG1 2AY Tel.: +44(0) 20 7036 3636 Registered in England and Wales under number 6613589 2 NICC ND 1035 V2.1.1 (2016 -02) NOTICE OF COPYRIGHT AND LIABILITY © 2016 NICC Standards Limited The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be that printing on NICC printers of the PDF version kept on a specific network drive within the NICC. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other NICC documents is available at: http://www.niccstandards.org.uk/publications/ If you find errors in the present document, please send your comments to: mailto:[email protected] Copyright All right, title and interest in this document are owned by NICC Standards Limited (“NICC”) and/or the contributors to the document (unless otherwise indicated that copyright is owned or shared with a third party). Such title and interest is protected by United Kingdom copyright laws and international treaty provisions. The contents of the document are believed to be accurate at the time of publishing, but no representation or warranty is given as to their accuracy, completeness or correctness.
    [Show full text]
  • NBAR2 Standard Protocol Pack 1.0
    NBAR2 Standard Protocol Pack 1.0 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2013 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 1 CHAPTER 2 BGP 3 BITTORRENT 6 CITRIX 7 DHCP 8 DIRECTCONNECT 9 DNS 10 EDONKEY 11 EGP 12 EIGRP 13 EXCHANGE 14 FASTTRACK 15 FINGER 16 FTP 17 GNUTELLA 18 GOPHER 19 GRE 20 H323 21 HTTP 22 ICMP 23 IMAP 24 IPINIP 25 IPV6-ICMP 26 IRC 27 KAZAA2 28 KERBEROS 29 L2TP 30 NBAR2 Standard Protocol Pack 1.0 iii Contents LDAP 31 MGCP 32 NETBIOS 33 NETSHOW 34 NFS 35 NNTP 36 NOTES 37 NTP 38 OSPF 39 POP3 40 PPTP 41 PRINTER 42 RIP 43 RTCP 44 RTP 45 RTSP 46 SAP 47 SECURE-FTP 48 SECURE-HTTP 49 SECURE-IMAP 50 SECURE-IRC 51 SECURE-LDAP 52 SECURE-NNTP 53 SECURE-POP3 54 SECURE-TELNET 55 SIP 56 SKINNY 57 SKYPE 58 SMTP 59 SNMP 60 SOCKS 61 SQLNET 62 SQLSERVER 63 SSH 64 STREAMWORK 65 NBAR2 Standard Protocol Pack 1.0 iv Contents SUNRPC 66 SYSLOG 67 TELNET 68 TFTP 69 VDOLIVE 70 WINMX 71 NBAR2 Standard Protocol Pack 1.0 v Contents NBAR2 Standard Protocol Pack 1.0 vi CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack Overview The Network Based Application Recognition (NBAR2) Standard Protocol Pack 1.0 is provided as the base protocol pack with an unlicensed Cisco image on a device.
    [Show full text]
  • HT801/HT802 Analog Telephone Adaptors Administration Guide
    Grandstream Networks, Inc. HT801/HT802 Analog Telephone Adaptors Administration Guide COPYRIGHT ©2021 Grandstream Networks, Inc. http://www.grandstream.com All rights reserved. Information in this document is subject to change without notice. Reproduction or transmittal of the entire or any part, in any form or by any means, electronic or print, for any purpose without the express written permission of Grandstream Networks, Inc. is not permitted. The latest electronic version of this user manual is available for download here: http://www.grandstream.com/support Grandstream is a registered trademark and Grandstream logo is trademark of Grandstream Networks, Inc. in the United States, Europe and other countries. CAUTION Changes or modifications to this product not expressly approved by Grandstream, or operation of this product in any way other than as detailed by this User Manual, could void your manufacturer warranty. WARNING Please do not use a different power adaptor with your devices as it may cause damage to the products and -void the manufacturer warranty. P a g e | 1 HT801/HT802 Administration Guide Version 1.0.29.8 GNU GPL INFORMATION HT801/HT802 firmware contains third-party software licensed under the GNU General Public License (GPL). Grandstream uses software under the specific terms of the GPL. Please see the GNU General Public License (GPL) for the exact terms and conditions of the license. Grandstream GNU GPL related source code can be downloaded from Grandstream web site from: http://www.grandstream.com/support/faq/gnu-general-public-license/gnu-gpl-information-download P a g e | 2 HT801/HT802 Administration Guide Version 1.0.29.8 Table of Content DOCUMENT PURPOSE ................................................................................................
    [Show full text]
  • Ts 103 389 V1.2.1 (2013-09)
    ETSI TS 103 389 V1.2.1 (2013-09) Technical Specification Railway Telecommunications (RT); Global System for Mobile communications (GSM); Usage of Session Initiation Protocol (SIP) on the Network Switching Subsystem (NSS) to Fixed Terminal Subsystem (FTS) interface for GSM Operation on Railways 2 ETSI TS 103 389 V1.2.1 (2013-09) Reference RTS/RT-00021 Keywords FTS, SIP, GSM-R, NSS, railways ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice Individual copies of the present document can be downloaded from: http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission.
    [Show full text]
  • Voice-Over-IP Security – State-Of-The-Art, Risks, and Concepts
    Voice-over-IP Security – State-of-the-art, risks, and concepts Prof. Dr. -Ing. Evren Eren University of Applied Sciences Dortmund, Emil-Figge-Str. 42 44227 Dortmund, Germany and Dr. -Ing. Kai-Oliver Detken DECOIT GmbH, Fahrenheitstraße 9 28359 Bremen, Germany ABSTRACT • Campus VoIP: Campus VoIP uses an IP PBX (Private Branch eXchange), which is most common, or IP- These days most companies and organizations with a distributed enabled PBX. IP phones and/or softphones are structure Voice-over-IP (VoIP) is a useful technology. connected to the IP PBX. Calls initiated from these However, most of them do not sufficiently reflect upon security phones are routed through a gateway to the PSTN. issues or merely know about the risks. Therefore, networks, Thus, this topology is not prone to attacks since the systems and applications are at risk. The rapid growth of the VoIP network does not extend to the Internet or any VoIP market and effortless adoption to enterprise IT- other non-trusted network. Potential attacks must infrastructures implicate an increasing need for long-term originate from within the intranet. sustainable security concepts and solutions. This paper • IP Centrex/Hosted IP: This type requires the addresses the issues described by involvement of a VoIP service provider hosting the IP • analyzing security risks and possible attacks and their PBX and providing VoIP services from this network. implications on the overall security, The enterprise only needs IP phones, no other VoIP • assessing risks, customer premises equipment is necessary. In this case • presenting security mechanisms and standards, and – as with Campus VoIP – internal attacks exist; • presenting security concepts and recommendations.
    [Show full text]
  • RFC Editor Genband Response
    Network Working Group M. Handley Request for Comments: 2543 ACIRI Category: Standards Track H. Schulzrinne Columbia U. E. Schooler Cal Tech J. Rosenberg Bell Labs March 1999 SIP: Session Initiation Protocol Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (1999). All Rights Reserved. IESG Note The IESG intends to charter, in the near future, one or more working groups to produce standards for "name lookup", where such names would include electronic mail addresses and telephone numbers, and the result of such a lookup would be a list of attributes and characteristics of the user or terminal associated with the name. Groups which are in need of a "name lookup" protocol should follow the development of these new working groups rather than using SIP for this function. In addition it is anticipated that SIP will migrate towards using such protocols, and SIP implementors are advised to monitor these efforts. Abstract The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants. These sessions include Internet multimedia conferences, Internet telephone calls and multimedia distribution. Members in a session can communicate via multicast or via a mesh of unicast relations, or a combination of these. Handley, et al. Standards Track [Page 1] RFC 2543 SIP: Session Initiation Protocol March 1999 SIP invitations used to create sessions carry session descriptions which allow participants to agree on a set of compatible media types.
    [Show full text]
  • UNIVERSIT`A DEGLI STUDI DI MILANO a Middleware-Independent and Secure Peer-To-Peer SIP Architecture (MISE-P2PSIP)
    UNIVERSITA` DEGLI STUDI DI MILANO FACOLTA DI SCIENZE MATEMATICHE, FISICHE E NATURALI DIPARTIMENTO DI TECNOLOGIE DELL'INFORMAZIONE DOTTORATO DI RICERCA IN INFORMATICA (INF/01 INFORMATICA) SCUOLA DI DOTTORATO IN INFORMATICA, XXIII CICLO A Middleware-Independent and SEcure Peer-to-Peer SIP architecture (MISE-P2PSIP) TESI DI DOTTORATO DI RICERCA DI: HOUNGUE YENUKUNME PELAGIE ELYSE Matr. R07911 RELATORE Prof. Ernesto Damiani Universit`adegli Studi di Milano, Italy CORRELATORE Prof. Roch Glitho Concordia University, Canada DIRETTORE DELLA SCUOLA DI DOTTORATO Prof. Ernesto Damiani Anno Accademico 2010 − 2011 To my parents who have supported me all the way since the beginning of my studies. Abstract A Middleware-Independent and SEcure Peer-to-Peer SIP architec- ture (MISE-P2PSIP) The Session Initiation Protocol (SIP) is the de facto standard for multimedia multiparty sessions signaling in Next Generation Networks (NGN). It is at the basis of a wide range of IP multimedia services. SIP specification and current usage relies on centralized servers. However, research has recently started on the integration of Peer-to-Peer (P2P) principles into SIP for harnessing the benefits of decentralization. The contribution of this thesis is fourfold. Firstly, this thesis contributes to this research by proposing a novel architecture for P2P SIP. Our architecture is an overlay composed of a set of self-organized proxies and distributed registrars. Unlike other architectures proposed so far, our proposal does not require an extension to SIP messages and is P2P middleware- independent. This eases implementation, interoperability with legacy, and ensures portability. Secondly, the thesis discusses the routing issues related to such environment. Indeed, introducing proxies in a P2P SIP overlay raises two important issues namely the proxy topology building and proxy-level routing.
    [Show full text]
  • HT812/HT814 Analog Telephone Adaptors Administration Guide
    Grandstream Networks, Inc. HT812/HT814 Analog Telephone Adaptors Administration Guide COPYRIGHT ©2021 Grandstream Networks, Inc. http://www.grandstream.com All rights reserved. Information in this document is subject to change without notice. Reproduction or transmittal of the entire or any part, in any form or by any means, electronic or print, for any purpose without the express written permission of Grandstream Networks, Inc. is not permitted. The latest electronic version of this user manual is available for download here: http://www.grandstream.com/support Grandstream is a registered trademark and Grandstream logo is trademark of Grandstream Networks, Inc. in the United States, Europe and other countries. CAUTION Changes or modifications to this product not expressly approved by Grandstream, or operation of this product in any way other than as detailed by this User Manual, could void your manufacturer warranty. WARNING Please do not use a different power adaptor with your devices as it may cause damage to the products and void the manufacturer warranty. P a g e | 1 HT812/HT814 Administration Guide Version 1.0.29.8 GNU GPL INFORMATION The firmware for the HT812/HT814 contains third-party software licensed under the GNU General Public License (GPL). Grandstream uses software under the specific terms of the GPL. Please see the GNU General Public License (GPL) for the exact terms and conditions of the license. Grandstream GNU GPL related source code can be downloaded from Grandstream web site from: http://www.grandstream.com/support/faq/gnu-general-public-license/gnu-gpl-information-download P a g e | 2 HT812/HT814 Administration Guide Version 1.0.29.8 Table of Content DOCUMENT PURPOSE ................................................................................................
    [Show full text]
  • SIP: Understanding the Session Initiation Protocol, Third Edition
    SIP: Understanding the Session Initiation Protocol Third Edition For a complete listing of titles in the Artech House Telecommunications Series, turn to the back of this book. SIP: Understanding the Session Initiation Protocol Third Edition Alan B. Johnston Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the U.S. Library of Congress. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library. Cover design by Yekaterina Ratner Cover art by Lisa Johnston ISBN 13: 978-1-60783-995-8 © 2009 ARTECH HOUSE 685 Canton Street Norwood, MA 02062 All rights reserved. Printed and bound in the United States of America. No part of this book may be reproduced or utilized in any form or by any means, electronic or mechanical, including pho- tocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher. All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Artech House cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. 10 9 8 7 6 5 4 3 2 1 For Lisa Contents Foreword to the First Edition xxi Preface to the Third Edition xxiii Preface to the Second Edition xxv Preface to the First Edition xxvii 1 SIP and the Internet 1 1.1 Signaling Protocols 1 1.2 Internet Multimedia Protocol Stack 2 1.2.1 Physical Layer 2 1.2.2
    [Show full text]