deployment modes of the mivoice border … · mivoice border gateway in server-gateway mode astride...
TRANSCRIPT
1
DEPLOYMENT MODES OF THE MiVoice
Border Gateway
• There are four Network Profiles
• Choosing the correct Network Profile is key for a successful Mitel UC Deployment
• What is happening behind the scenes when you pick a Network Profile?
• What does Custom Configuration do?
2
COMMON SMB/SME DEPLOYMENT
TOPOLOGIES
SERVER-GATEWAY SERVER-GATEWAY
Carrier
Network
MBG/
Virtual MBG
Local
Users
MiVoice
Business/Virtual
MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Client
Network
Public
Internet
Carrier
Network
MBG/
Virtual MBG
2-port
Firewall
Local
Users
MiVoice
Business/Virtual
MiVoice
Business
MiCollab/
Virtual
MiCollab
Client
Network
Remote
Users
Public
Internet
3
COMMON ENTERPRISE
DEPLOYMENT TOPOLOGIES
SERVER-ONLY-DMZ-SRC SERVER-ONLY-DMZ
Carrier
Network
3-port
Firewall
Local
Users
MiVoice
Business/
Virtual MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Public
Internet
Client
Network
MBG/
Virtual MBG
DMZ
MBG/
Virtual MBG
W\SRC
Daisy-Chain
Carrier
Network
3-port
Firewall
Local
Users
MiVoice
Business/Virtual
MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Public
Internet
Client
Network
MBG/
Virtual MBG
DMZ
4
COMMON DEPLOYMENT TOPOLOGIES MiVOICE BORDER GATEWAY AS FIREWALL IN SERVER-GATEWAY MODE
• MiVoice Border Gateway is
deployed at the network edge
and serves as the enterprise
network firewall for all voice
and data connections
• MiVoice Border Gateway
supports Teleworker Sets, SIP
Trunk, Web Proxy and Secure
Recording Connector (SRC) for
TW sets.
• Can be co-resident with MAS
• Suitable for some SMB, used
when a client firewall does not
exist.
SERVER-GATEWAY
Carrier
Network
MBG/
Virtual MBG
Local
Users
MiVoice
Business/
Virtual MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Client
Network
Public
Internet
5
COMMON DEPLOYMENT TOPOLOGIES MiVOICE BORDER GATEWAY IN SERVER-GATEWAY MODE ASTRIDE THE
FIREWALL
• MiVoice Border Gateway is
deployed at the network edge and
alongside an existing firewall
• MiVoice Border Gateway supports
Teleworker Sets, SIP Trunk, Web
Proxy and Secure Recording
Connector (SRC) for remote sets.
• High degree of security through
Authentication and Encryption
• All “other” traffic allowed through
Corporate Network is handled by
the Corporate Firewall.
SERVER-GATEWAY
Carrier
Network
MBG/
Virtual MBG
2-port
Firewall
Local
Users
MiVoice
Business/
Virtual MiVoice
Business
MiCollab/
Virtual
MiCollab
Client
Network
Remote
Users
Public
Internet
6
COMMON DEPLOYMENT TOPOLOGIES MiVOICE BORDER GATEWAY IN DMZ WITH 3-PORT FIREWALL
• MiVoice Border Gateway is deployed
in the DMZ alongside a 3-port
firewall
• External Teleworker endpoints
connect via the firewall to MiVoice
Border Gateway, which then initiates
a connection to the LAN via the
same firewall
• MiVoice Border Gateway supports
Teleworker Sets, SIP Trunk, and Web
Proxy
• Highest degree of security.
• Recommended Deployment
SERVER-ONLY-DMZ
Carrier
Network
3-port
Firewall
Local
Users
MiVoice
Business/Virtual
MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Public
Internet
Client
Network
MBG/
Virtual MBG
DMZ
7
7
COMMON DEPLOYMENT TOPOLOGIES MiVOICE BORDER GATEWAY IN DMZ
CHAINED WITH MBG ON LAN
• MiVoice Border Gateway is deployed in the DMZ alongside a 3-port firewall
• Second MiVoice Border Gateway is deployed on the LAN with Secure Recording Connector (SRC)
• External “Recorded” endpoints connect via the firewall to MiVoice Border Gateway, which then proxies a connection to the LAN MiVoice Border Gateway w\SRC
• MiVoice Border Gateway supports Teleworker Sets, SIP Trunk, Web Proxy
• Can be used to record both LAN and WAN sets.
SERVER-ONLY-DMZ-SRC
Carrier
Network
3-port
Firewall
Local
Users
MiVoice
Business/
Virtual MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Public
Internet
Client
Network
MBG/
Virtual MBG
DMZ
MBG/
Virtual MBG
W\SRC
Daisy-Chain
8
COMMON DEPLOYMENT TOPOLOGIES DAISY-CHAIN FOR LOCAL STREAMING
• Downstream Gateway is “Chained” to Upstream Gateway
• Reduces WAN Bandwidth
• MiVoice Border Gateway can be deployed in either DMZ or Network Edge
• Local Streaming not compatible with SRC
DAISY CHAIN FOR LOCAL STREAMING
Carrier
Network
3-port
Firewall
Local
Users
MiVoice
Business/
Virtual MiVoice
Business
MiCollab/
Virtual
MiCollab
Remote
Users
Public
Internet
Client
Network
MBG/
Virtual MBG
DMZ
MBG/
Virtual MBG
W\SRC
Daisy-Chain
Downstream
MBG
Local
Streaming
Remote
Users