|
Unleashing the Power of IP
 Ridgeway’s IPFreedom Client/Server software products enable a new and unprecedented level of ubiquitous IP-to-IP connectivity for any and all IP Voice (VoIP) and IP Video Communications, including videoconferencing over IP.
IPFreedom is the only product available on the market NOW exclusively focused on enabling IP Voice and IP Video by securely traversing the infinite number of NATs and firewalls inherent to IP Communications. Most importantly, IPFreedom does not compromise security—in fact, IPFreedom can enhance the security of your IP communications with our patent-pending encryption feature set. IPFreedom works every time and is transparent to end-users. Guaranteed.
IPFreedom works with any firewall, any NAT, and in any configuration. It enables connectivity even if there are multiple firewalls and NATs along the connection path. Since IPFreedom is fully standards compliant, it supports other equipment, such as gatekeepers and multipoint control units (MCUs).
IPFreedom requires no upgrade to existing firewalls and NATs, enabling easy and cost-effective deployment of realtime IP communications. The IPFreedom solution is unique in providing secure traversal of more than one boundary.
With IPFreedom, connect (the first time), seamlessly and securely—even with the following roadblocks:
- IP endpoints are currently incompatible
- IP endpoints are located inside and outside your private network, VPN or backbone
- IP protocols are inconsistent between endpoints; H.323, SIP, etc.
- Firewalls are deployed everywhere—different makes, models and types
- IP addresses are blocked for security purposes by NATS (Network Address Translation)
Multiple Boundaries – Multiple Firewalls and NATs
Firewalls and NATs are a critical and necessary component of every network infrastructure. Firewalls protect the security of the network, NATs protect the security of the desktop. Firewalls and NATs exist in just about every computer network. Firewalls cause multiple types of "no connect" symptoms as they block incoming calls. However, no "firewall messages" are received, resulting in a failed connection and a frustrated end-user.
IPFreedom Client-Server Model
IPFreedom is based on a patent-pending multi-boundary traversal technology and intelligent calling methodology. The multi-boundary traversal method uses a client-server scenario, providing secure connectivity between networks that would otherwise be unable to communicate. IPFreedom Servers support connections from IPFreedom Site Clients and IPFreedom Personal Clients. All Client-Server connections employ common Internet access methods, namely: outbound connections to two well-known ports, allowing network administrators to maintain the strictest of firewall rules for external communications.
Ridgeway IPFreedom Server
The Ridgeway IPFreedom Server is designed for deployment in service centers, demilitarized zones (DMZs), or POPs. The IPFreedom Server manages IP communications for the Client components of the solution: IPFreedom Site Clients and IPFreedom Personal Clients. The Server enables its Clients to establish a secure communication path out of a private network space, enabling voice, video, and data applications to communicate with applications outside that space. By supporting multiple Clients, a Server can provide secure communications paths between multiple private networks, as well as connections between the private networks and the public network and/or to other devices (including other IPFreedom Servers) in the service center, DMZ, or POP as required. The Server manages connections with intelligence that enable communications to traverse multiple, private and public network boundaries. The Server restricts all real-time IP communication traffic to Ridgeway's well-known boundary traversal ports (2776 and 2777), allowing firewalls to maintain the strictest of rules.
Furthermore, the Server uses our patent-pending multiboundary traversal method to ensure that its Clients initiate all connections that need to traverse network boundaries, such that site and SOHO firewalls can maintain a strict policy of allowing only outbound connections. The Ridgeway multiboundary traversal method does not require any open inbound ports. Traffic flows in both directions, but the connections are always created from the Clients outbound to the Server.
For additional security, the IPFreedom Server requires Client authentication so that service is provided only to known Clients. Thus, all real-time communication passes exclusively through authorized, outbound Client-Server connections using well-known ports through any number of intervening network boundaries.
IPFreedom Clients
Ridgeway provides two versions of the IPFreedom Client software:
- Site Client provides connectivity for multiple endpoints
- Personal Client provides connectivity for a single endpoint
IPFreedom Site Client—IP Anywhere, Everywhere
The Site Client software runs on industry-standard computers deployed within a private network, protected by existing security infrastructure policies. The Site Client provides connectivity for multiple endpoints within the same private network. It provides a private network with a single point of entry and exit for all real-time communication, and supports communication from desktop systems and room systems. It also supports communication for an H.323 gatekeeper within a private network, enabling networking with other gatekeepers and endpoints beyond the private network.
The Site Client directs external voice, video, and data communication to the well-known boundary traversal ports (2776 and 2777) of a Ridgeway IPFreedom Server. Without the Site Client and its connection to an IPFreedom Server, communication cannot traverse a private network boundary securely. The Site Client uses Ridgeway's multi-boundary traversal methodology to conduct both dynamic and secure external communication sessions for your communication endpoints across multiple network boundaries.
The site administrator controls which IPFreedom Server the Site Client should connect to, and connections are authenticated to ensure that service is available only to authorized sites. On connection, the IPFreedom Server requests the Site Client to deliver SIP or H.323 communication services to authorized endpoints in your site. All real-time communication passes exclusively through authorized, outbound Client-Server connections using well-known ports through any number of intervening network boundaries.
IPFreedom Personal Client—IP on the Move
The Personal Client is ideally suited to users who need to keep in touch while on the move – for SOHO deployments where Site Client might simply not be convenient. The IPFreedom Personal Client software runs on standard desktop PC or laptops, whether they be located within a private network, in home offices, or in hotel rooms or airport lounges.
Just like the Site Client, the Personal Client uses outbound connections to the well-known boundary traversal ports of the IPFreedom Server. Without the Personal Client and its connection to an IPFreedom Server, communications cannot traverse the intervening network boundaries securely. The desktop or laptop user controls which Server the Personal Client connects to, and connections are authenticated to ensure that service is available only to authorized users.
Without IPFreedom, the options of deploying a secure IP infrastructure are simply inadequate. They include (1) deploying parallel networks—a very expensive proposition or (2) placing the equipment within the insecure environment of the public internet (unacceptable). Without IPFreedom, end-to-end IP calls will fail once they hit a firewall or NAT.
|
