Message Image

Skip main navigation (Press Enter).

Screen OS

last person joined: 8 months ago

This is a legacy community with limited Juniper monitoring.

Back to discussions

Expand all | Collapse all

H.323 compliant Firewall

Jump to Best Answer

Erdem10-14-2010 03:05

Hi, I have to install a firewall between my enterprise network and a video conference equipment. I've ...

Erdem10-15-2010 03:37Best Answer

Hi, I would consider a SSG device. ScreenOS contains an H.323 ALG. Using this ALG you can specify: ...

1. H.323 compliant Firewall

0 Recommend
Erdem
Posted 10-14-2010 03:05
Hi,
I have to install a firewall between my enterprise network and a video conference equipment.
I've been told that there are H.323 compliant firewalls that make it easier and safer to allow video conference stream to pass through the firewall (one doesn't have to open all the ports used by the video conferencing equipment (H.323 uses dynamic ports).
is there Juniper product that does this ?
Thanks in advance.
2. RE: H.323 compliant Firewall
Best Answer

0 Recommend
Erdem
Posted 10-15-2010 03:37
Hi,

I would consider a SSG device. ScreenOS contains an H.323 ALG. Using this ALG you can specify:

- the rate per second at which Remote Access Server (RAS) requests to the gatekeeper are processed
- how unidentified H.323 messages are handled by the security device depending on the session mode (route/nat)
- if the security device may accept calls from any port number
- the timeout value in seconds for entries in the NAT table

Besides you can use very nice ScreenOS features like traffic shaping, QOS, counting, session limiting etc., that are configurable on a per policy basis.

Kind regards,
Edouard

Powered by Higher Logic