[cisco-voip] CUBE Network Design
Jason Aarons (AM)
jason.aarons at dimensiondata.com
Tue Apr 21 13:38:38 EDT 2015
Would you open almost all your UDP RTP ports from CUBE in DMZ to inside phones?
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of harbor235
Sent: Tuesday, April 21, 2015 1:35 PM
To: Cisco VOIP
Subject: [cisco-voip] CUBE Network Design
I have infrastructure setup to provide VOIP services as well as other services to a multi-tenacy environment. I want to segregate those services as much as possible for security reasons.
My question, customer resources are behind a edge router and a firewall, I want my cube positioned as close to the edge as possible for performance reasons. Cisco design docs have suggested that for larger sites terminating SIP traffic on a CUBE that best practice is to position the CUBE inside of the firewall. My thoughts are a DMZ like structure that connects to the firewall via two interfaces, inside and outside. This provides several controlled interfaces for policy enforcement.
I wanted thoughts from the community on real world network design best practices when aggregating multiple tenancy environments providing VOIP with CUBE services.
thanks in advance,
Mike
itevomcid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150421/0721bc94/attachment.html>
More information about the cisco-voip
mailing list