Hi,
I would consider a SSG device. ScreenOS contains an H.323 ALG. Using this ALG you can specify:
- the rate per second at which Remote Access Server (RAS) requests to the gatekeeper are processed
- how unidentified H.323 messages are handled by the security device depending on the session mode (route/nat)
- if the security device may accept calls from any port number
- the timeout value in seconds for entries in the NAT table
Besides you can use very nice ScreenOS features like traffic shaping, QOS, counting, session limiting etc., that are configurable on a per policy basis.
Kind regards,
Edouard