[cisco-voip] CUBE Network Design
Anthony Holloway
avholloway+cisco-voip at gmail.com
Tue Apr 21 15:57:57 EDT 2015
Yes, over the internet is becoming increasingly more popular.
Check this out. It's actually quite good, and they do/will have a private
MPLS offering soon.
https://www.twilio.com/sip-trunking
Also, with Cisco pushing Expressway (MRA, Jabber Guest, and B2B), that's
all done over the internet.
On Tue, Apr 21, 2015 at 2:47 PM Derek Andrew <Derek.Andrew at usask.ca> wrote:
> So the CUBE connects to a provider on the Internet? Hmmm. Interesting.
>
> Around here, the CUBE is on our network on one side, and the other is on a
> a dedicated, private network to the provider. No traffic on the Internet
> and no firewall.
>
> The CUBE should not be an IP router.
>
> Of course, this is just me talking.
>
> d
>
>
>
> On Tue, Apr 21, 2015 at 11:59 AM, Brian Meade <bmeade90 at vt.edu> wrote:
>
>> Ideally you can rely on SIP inspection on the FW to handle opening the
>> RTP pinholes.
>>
> On Tue, Apr 21, 2015 at 1:38 PM, Jason Aarons (AM) <
>> jason.aarons at dimensiondata.com> wrote:
>>
> Would you open almost all your UDP RTP ports from CUBE in DMZ to inside
>>> phones?
>>>
>>>
>>>
>>> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] *On
>>> Behalf Of *harbor235
>>> *Sent:* Tuesday, April 21, 2015 1:35 PM
>>> *To:* Cisco VOIP
>>> *Subject:* [cisco-voip] CUBE Network Design
>>>
>>>
>>>
>>>
>>>
>>> I have infrastructure setup to provide VOIP services as well as other
>>> services to a multi-tenacy environment. I want to segregate those services
>>> as much as possible for security reasons.
>>>
>>> My question, customer resources are behind a edge router and a firewall,
>>> I want my cube positioned as close to the edge as possible for performance
>>> reasons. Cisco design docs have suggested that for larger sites terminating
>>> SIP traffic on a CUBE that best practice is to position the CUBE inside of
>>> the firewall. My thoughts are a DMZ like structure that connects to the
>>> firewall via two interfaces, inside and outside. This provides several
>>> controlled interfaces for policy enforcement.
>>>
>>> I wanted thoughts from the community on real world network design best
>>> practices when aggregating multiple tenancy environments providing VOIP
>>> with CUBE services.
>>>
>>> thanks in advance,
>>>
>>>
>>>
>>> Mike
>>>
>>>
>>>
>>> itevomcid
>>>
>>> _______________________________________________
>>> cisco-voip mailing list
>>> cisco-voip at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>>
>
>
> --
> Copyright 2015 Derek Andrew (excluding quotations)
>
> +1 306 966 4808
> University of Saskatchewan
> Peterson 120; 54 Innovation Boulevard
> Saskatoon,Saskatchewan,Canada. S7N 2V3
> Timezone GMT-6
>
> Typed but not read.
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150421/48a185ce/attachment.html>
More information about the cisco-voip
mailing list