You are here:   Software > VoIP Tunnel
  |  Login
 VoIP tunneling and encryption -short description Minimize

    By using encrypted VoIP transport users will be able to communicate confidentially and your VoIP traffic cannot be sniffed and blocked by third party agencies or corporate firewalls.
    Mizu VoIP tunnel is a special VoIP software whose task is to encrypt all communication from/to the clients and to forward the calls to your server(s) using the common SIP protocol. The UDP level encryption will not add any overhead to your network traffic and can work completely transparent. If necessary then will automatically switch to TCP or HTTP. The server is based on a B2B VoIP softswitch unlike traditional VPN solutions which doesn't know anything about the transport they carry.
    Several ISPs, Telco’s and countries like UAE, Dubai or Oman are filtering VoIP or degrading the media in order to force a consumer to use their own VoIP or traditional PSTN services. Using Mizutech built-in encryption you can forget all about these issues. These solutions can work in VoIP networks provided by Mizutech or can be seamlessly integrated in your network without any configuration change in your existing servers.
    The encryption will allow VoIP usage in any countries bypassing VoIP filtering (unlike srtp encryption which can be easily detected by VoIP filters)
    The Mizu VoIP tunneling solution is suitable for ITSP, carriers, wholesalers, resellers and voip service providers.


    
 Included software and services Minimize


  • Tunneling server (including backup/failover server when needed)
  • Client service (can be used on a LAN to server all VoIP devices: ATA's, IP phones, etc)
  • Client tunnel (can be used with third-party softphones)
  • Branded Windows softphone with built-in encryption
  • Branded cross-platform webphone with built-in encryption
  • Branded Android softphone
  • White label or branded iPhone softphone
  • White label Symbian softphone
  • Server setup by our VoIP support team for no extra charge (our support team will ask for a remote desktop access for this)
  • Integration with your existing infrastructure (including balance and rating display on clients)
  • Free support; no recurring payments
  • 24/7 critical support
  • Free trial period (pay only if you are satisfied)

 


    
 Highlights Minimize

Risk free
Mizutech provide a trial period. Customers have to pay anything only after the successful test period

Efficient
Bypass all kind of voip filtering with no or minimal overhead

Architecture advantages
Easy to deploy, no need to modify your existing voip server configuration, quick to market

Performance, troughoutput and scalability
Up to 6000 simultaneous calls, easy to add more servers or implement load-balancing. One tunneling server can handle all your VoIP softswitches (in case if you have more than one)
With the Mizu tunneling server you can also offload a lot of load from your server (for example user to user calls can be handled entirely by the tunneling server)

Rich features
The Mizu tunneling solution is based on a full featured softswitch. All class 5 features are supported so you can add more features to your users even if your existing server doesn't have support for it (for example chat and presence). In addition the tunneling server comes with Mizutech voip clients which you can use to diversify your voip portfolio.

Flexible
The Mizu tunneling service automatically adapts to the user network circumstances and it is prepared for further enhancement to prevent the usage of new blocking technologies.

Comes with a variety of SIP clients
With the tunneling solution you will automatically have access to all of our VoIP clients including Windows dialer, Android client and cross-platform webphone

Full support
The Mizutech support team will handle all the installations and configuration tasks and once it is properly configured, there is no maintenance tasks involved


    
 Features Minimize
  • SIP core standards and a variety of drafts supported
  • Built-in registrar server, sip proxy, IM/presence server and b2b sip stack
  • Bypassing Narus, Verso and other platforms detection
  • 12 different transport method (using UDP, TCP or HTTP) to bypass all firewalls
  • Signaling and media in the same stream or using random ports for more obfuscation
  • IM (chat), SMS, Presence (SIP/SIMPLE) and video support
  • All class 5 and PBX features are supported: call hold, transfer, forward, conference, voicemail, speed dial etc
  • Transparent tunneling and encryption
  • Automatic transport protocol and NAT detection
  • Endpoint to provider security
  • Codecs: G.729, G.723, G.711 and many other
  • B2B routing, Transcoding B2BUA
  • SBC (Session Border Controller)
  • DTMF transcoding
  • Custom Routing Rules
  • Multi-Carrier Support
  • Load Balancing on available devices
  • Automatic call rerouting and failowering
  • Blacklist/White list filtering
  • DOS attack protection
  • Direct Inward Dialing (DID)
  • Centralized configuration and management
  • Client side load balancing (the most effective and robust load-balancing mechanism)
  • Server side load balancing and failowering
  • And more ...

    
 Benefits Minimize
  • Simple, robust and effective architecture
  • Transparent - No need for router upgrades or infrastructure change
  • Low-latency - Does not add jitter or delay to your VoIP communication
  • Quick to install and easy to manage - Will not disrupt network or application performance
  • No network or firewall modification is required
  • Excellent voice quality without any latency and performance compromise
  • Maximum call completion rate and maximum voice service duration
  • Proven solution: used by well-known telecom companies with success suppressing any VPN, VoIP Tunnel (VPS) or Voice guard solution
  • Works with your existing VoIP servers. The tunneling server is using the standard SIP protocol (all major RFC's and drafts) and has proven compatibility with all existing devices on the market
  • Work with any ITSP and service provider
  • Full integration with any VoIP server, (Voipswitch, PortaBilling, Asterisx, Trixbox, Cisco, etc)
  • Credit and balance display on the clients + direct links to your website (new user registration, tariff listing, etc)
  • Fast startup: start using encrypted VoIP in a few hours after contacting us. No changes are needed in your existing infrastructure.
  • Communication in all scenarios, i.e. for making and receiving calls from blocked areas e.g. Dubai in UAE or Oman
  • Reliability: Mizutech tunneling servers are used on enterprise environments where high uptime is a must
  • No quality loss: by using UDP transport level encryption, all the negative impacts of traditional VPN solutions are bypassed
  • Secured communications between clients with maximum call completion rate and maximum voice service duration
  • Very difficult ISP detection, Strict call path protection and security up to termination
  • Both the signaling and the media is encrypted (and can be tunneled in a single or separate streams)
  • High throughput: up to 6000 simultaneous call using one server instance
  • No network overhead. Excellent voice quality without any latency and performance compromise. Unlike other TCP based VoIP tunneling solutions, our server can encrypt UDP packets transparently
  • High speed encryption/decryption: fast proprietary encryption or standard based (tls, srtp)
  • Multiple proprietary encryptions: RSA key exchange, fast encryption with symmetric keys or using blowfish cipher + packet compression
  • The tunneling server can offload a huge traffic from your server(s) by handling all the communications between the clients (voice, video, presence, chat, etc) and forwarding only billed traffic to your server
  • Easy-to-use, easy to integrate and cost-effective with zero configuration and maintenance. No network or firewall modification is required. All authentication requests and billed calls (e.g. calls to PSTN) can be forwarded to your server like they were before.
  • Load balancing and failowering:  the Mizu tunnel can send the traffic to multiple server using different routing algorithms
  • VoIP over HTTP: perfect solution to bypass firewalls in corporate networks (both signaling and media tunneled as a HTTP stream)
  • Automatic failowering from the fast UDP protocol to a bit slower HTTP tunneling which is almost impossible to be blocked (this is especially useful from behind corporate firewalls where all UDP communication can be blocked)
  • No need for any hardware: The Mizu VoIP tunneling are based on software solution and runs on traditional legacy hardware (x86 or x64 pc's and servers). The throughput and robustness is comparable with costly hardware solutions. Windows server is required (preferable Windows server 2003 or 2008)
  • Perfect NAT solution: Among the voip encryption, the Mizu VoIP tunneling comes with another advantage: it can bypass any NAT thus solving all the well-known NAT issues in traditional VoIP. And all this is done without any network bandwidth utilization overhead
  • You will improve your VoIP offer not only with tunneling but also with Mizutech VoIP clients (softphone, webphone and mizudroid)
  • Custom features if needed

VoIP Tunnel


    
 Advantages Minimize

Advantage over VoIP VPN

Traditional VPN doesn't know anything about the tunneled protocol, thus you will completely loose the control over it (no VoIP QoS, no port management, best codec selection). Protocol overhead caused by the encapsulation of VoIP protocol within IPsec dramatically increases the bandwidth requirements for VoIP calls, thus making the VoIP over VPN protocols too fat to be used over for the most majority of enduser internet connections. Another disadvantage of traditional VoIP VPN is the increased server overhead (processing time, network utilization).

Advantages over standard protocols (TLS/SRTP/ZRTP)

SSL, TLS, SRTP and ZRTP can be easily filtered by firewall and are unusable in voip blocked countries.
These protocol also known to have many intercompatibility issues. While the Mizu solution might use also standard encryption protocols, the network headers don't match with the standard implementations to avoid firewall packet header inspections. The packets are decrypted on the server side and forwarded as clean SIP/RTP to your existing servers thus avoiding all incompatibility issues.

Advantages over SSL based solutions

SSL network and CPU overhead is huge and can be easily blocked by just watching for the standard SSL handshakes.

Advantages over hardware based solutions

Hardware costs are much higher while the performance is the same or even less. Their software/firmware can be more difficult to adopt to challenge with the new blocking technologies.

Advantages over other proprietary protocols

Unlike proprietary solutions, the Mizu tunnel has no network overhead, no special hardware requirement and doesn't require any modification in your existing infrastructure.


    
 How it works? Minimize

Any VoIP communication is subject to the same security vulnerabilities as any other form of data on a shared infrastructure. These security concerns were addressed in the National Institute of Standards and Technology's (NIST) paper Security Considerations for Voice over IP Systems

The Mizu tunneling solution has various built-in methods to encrypt both the media and the signaling and to bypass all kind of NAT's, firewalls and voip filtering including the usage in UAE or corporate firewalls.

-encrypted UDP (using a random UDP port. This is usually enough in voip blocked countries like UAE)
-encrypted TCP tunneling (using the standard SSL port so it will bypass most of the firewalls)
-encrypted HTTP tunneling (using the standard HTTP port so it will bypass all corporate proxy systems)

The UDP transport doesn’t have any network overhead compared to normal voip (SIP/RTP) and has the same quality.
The TCP tunneling has even better quality, but it doesn’t tolerate too much packet loss so good than UDP does.
The HTTP tunneling has a 35% overhead and needs more server side resources (but it is needed only from behind corporate firewalls when the only single route is via the local http proxy). It can bypass almost all HTTP proxy servers with streaming support.

The client software will always choose the best performing method that works on the enduser network. The network discovery is done on the software startup and it takes between 20 (best case) and 2000 milliseconds (worst case).

More technical details


    
 Try before to buy Minimize

Contact our support for a free trial. The followings will be needed:

  • Remote desktop access to your (test) server running Windows OS (Windows server 2003 or 2008 is recommended. Web or Standard edition -both 32 and 64 bit versions are supported. This can be the same server where your softswitch is running. Optionally the server can be hosted by Mizutech
  • The address of your existing softswitch. If you don't already have a softswitch, then our softswitch will be used
  • A test SIP account valid on your existing softswitch
  • Client software branding details (your company name, your web url, brand name, logo, icon, other customizations on your needs)

    
 FAQ Minimize

What is a voip tunneling server?

VoIP tunneling server refers to a service that interconnects VoIP endpoints with VoIP servers in a way to provide complete endpoint to provider security using different transport methods and bypassing VoIP specific traffic filtering.

More...