Presentation is loading. Please wait.

Presentation is loading. Please wait.

Media Description for IKE in SDP draft-saito-mmusic-sdp-ike-01 Makoto Saito Dan Wing

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Media Description for IKE in SDP draft-saito-mmusic-sdp-ike-01 Makoto Saito Dan Wing"— Presentation transcript:

1 Media Description for IKE in SDP draft-saito-mmusic-sdp-ike-01 Makoto Saito ma.saito@nttv6.jp Dan Wing dwing@cisco.com

2 Purpose Setting up IPsec (IKE) Using SIP –VPN to a home router (or NAT device), etc. SIP Proxy Remote Client Home Router Home Network (1)INVITE Transaction (2) IKE (Media Session) (4) Tunnel Mode IPsec (3) Validate Fingerprint of Certificate  Comedia-tls (RFC4572) for Self-Signed Certificate Auth ( a=fingerprint in SDP)

3 SIP or DNS? Static DNSDynamic DNSSIP Name Resolution to Floating IP Address -Support Authentication & Authorization -- Delegate to 3rd Party No Signed Cert No Whitelist UDP Hole Punching (ICE) for IKE & IPsec --Applicable Deployment-- Prompt Re-use of Provider’s Existing SIP Infrastructure

4 Functionally the same as Comedia-tls (RFC4572) –a=fingerprint which must match TLS/IKE certificate –Like IPsec, TLS can also create a tunnel (SSL VPN, WebVPN) SDP-IKE is...

5 Next Step Good idea to move forward in MMUSIC WG? (after the confirmation of Security ADs) Any Comments?

Download ppt "Media Description for IKE in SDP draft-saito-mmusic-sdp-ike-01 Makoto Saito Dan Wing"

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
6WINIT Project Meeting, BASEL K. Egede Nielsen/TED Research 1 WP6 Progress Report 6WINIT Project Meeting Basel 10.01.2002.

6WINIT Project Meeting, BASEL K. Egede Nielsen/TED Research 1 WP6 Progress Report 6WINIT Project Meeting Basel
NAT-PT Applicability Statement Design Team IETF #57, IETF V6OPS WG Vienna, Austria July 16, 2003.

NAT-PT Applicability Statement Design Team IETF #57, IETF V6OPS WG Vienna, Austria July 16, 2003.
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.

1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.
CounterPath Corporation William Khris Kendrick: – Director of Business Development and Channel Marketing – www.counterpath.com www.counterpath.com –

CounterPath Corporation William Khris Kendrick: – Director of Business Development and Channel Marketing – –
Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.

Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.
9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.

9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
SIP Security Matt Hsu.

SIP Security Matt Hsu.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.

PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Remote Access Chicca Kusumawardani Spring 2005. Introduction Company using a remote access Is it a good idea giving employees remote access? Is it expensive.

Remote Access Chicca Kusumawardani Spring Introduction Company using a remote access Is it a good idea giving employees remote access? Is it expensive.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | Certified Ethical Hacker | |

Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | Certified Ethical Hacker | |

Similar presentations

Ads by Google