Specifications

Network Configuration Concepts

225

Firewalls and NAT

Firewalls restrict unauthorized access to a network. Given the number of IP phones that may

be active at the same time, it is necessary to open up a number of ports on a firewall in order

to facilitate access. In such scenarios, the firewall is much less effective against network

intrusion.

Network Address Translation (NAT) reduces the number of addresses seen by the Internet

from a particular business. However, such devices need to understand the underlying protocol

to work effectively. If a MiVoice IP Phone is used on the Internet through NAT, there is a high

possibility that the voice streaming will not work. Users who use MiVoice IP Phones over the

Internet should use the Teleworker Solution.

Note:

• Seven channels are needed for internal traffic and ten are needed for external traffic, but

together the total is only 13. The reason is that a number of channels have shared use: in this

case, it is 4 (10+7-13). The higher G.711 rate is used to ensure adequate bandwidth at all

times.

• This data rate is close to a T1 rate. Options are to increase the available link rate by upgrading

to an E1 link or to multiple T1 links, or to accept a lower quantity of IP trunk calls (a slight

reduction in inter-node traffic).

• The bandwidth calculations should also include signalling and link utilization factors.

• With IP networking, it is possible to restrict the number of conversations on a connection, so

although calculations suggest 13 channels, the link settings could be set to only 10 channels

to reduce bandwidth usage. ARS will then come into play when this number is exceeded,

resulting in the call being routed elsewhere, e.g. TDM, if possible, or presentation of

re-order/busy tone to the user.