NATPass™ solution


Voip NAT Traversal

NATPass™ is a VoIP NAT Traversal solution - Session Border Controller that allows voip sessions succeed when one or both voip endpoint devices connecting such as phone adapters, gateways or IP phones, are in a Natted network.

NATPass™ will perform Media Path Optimization (MPO) and will make media stream flow directly between endpoints.

NATPass™ Firewall Controller is designed to be a cost effective and simple solution for ITSP and VOIP service providers to deploy their network with a minimum of support and intervention on the customer premises side and totally automates the NAT traversal process.

NATPass™ is compatible with any SIP compliant endpoint and server and can traverse Full cone NAT, restricted cone NAT, port restricted cone NAT and symmetric NAT. In addition to nat traversal, security is another important issue addressed by NATPass™. DOS, DDOS, fast and slow attacks can be controlled. NATPass™ protect the Proxy and Registrar server from malformed SIP packets and Avalanche Restart effect as described in RFC5390.

By design, NATPass™ is not a multi-protocol solution but is built and optimized for SIP to increase its overall performance, reliability and ease of maintenance.

NATPass™ is designed to work as an intermediary between endpoint devices such as SIP devices (Hard, Softphones, ATAs) and SIP Proxies also known as Registrars. NATPass™ provides great scalability at the lowest cost.

VoIP NAT Problem Resolved!

Most residential and SOHO users have NAT based routers/firewalls that make the roll-out of an IP based network of IP phones or residential phone adapters a challenge. The fact that VoIP protocols encapsulate original device’s IP address in the session layer packet and that firewalls won’t allow any session originated from the public Internet to traverse to internal-protected network bring all sort of problems like no audio or one way audio to VoIP implementations. Some attempts to resolve this issue such as STUN or reconfiguring end-users routers or firewalls not always work and become a support nightmare when facing different types of NAT.

ITSPs or VoIP service providers need to add a VoIP Session Border Controller and RTP bridge server to their networks in order to support IP devices behind NAT but most of the cases it relays media stream adding unnecessary latency and delays affecting end-users audio quality perception. Having to relay media stream for hundreds or thousands of connections certainly compromises the ITSPs own bandwidth and requires much more processing power from the servers.

VoIP DOS attack Problem Resolved!

The rapid adoption of Voip and SIP by enterprises and SOHOs has made SIP a target for  hackers. SIP trunk and hosted PBX providers have to have a public IP to offer service to their customers and are exposed to Denial of Service attacks.

The most common thread is a brute force attack against SIP passwords in which the Voip servers are inundated with registration requests to well known ports. The main purpose is to guess a subscriber's SIP password and gain access to the account to use it to make long distance or automated phishing calls to random people. The side effect of this is that the brute force attack creates huge load on the SIP servers that tries to validate authentication of each single request. Most of the time the SIP server becomes unresponsive or crashes affecting legitimate users.

Denial of Service attacks is, nowadays, a main concern to most of ITSPs. Distributed Denial of Service attack ( DDOS ) is even more difficult to fight against and only few expensive commercial solutions are available to coupe with this thread.



Contact us

Humans click here please

We are eager to hear from you.
Please feel free to contact us by calling, emailing or filling out the contact form with any questions or suggestions you may have.

Telephone: +1 972 831 1600