By using encrypted VoIP transport users will be able to communicate confidentially and your VoIP traffic cannot be sniffed and blocked by third party agencies or corporate firewalls. Mizu VoIP tunnel is a special VoIP software whose task is to encrypt all communication from/to the clients and to forward the calls to your server(s) using the common SIP protocol. The UDP level encryption will not add any overhead to your network traffic and can work completely transparent. If necessary then will automatically switch to TCP or HTTP. The server is based on a B2B VoIP softswitch unlike traditional VPN solutions which doesn't know anything about the transport they carry. Several ISPs, Telco’s and countries like UAE, Iran, Dubai or Oman (Gulf Countries and others) are filtering VoIP or degrading the media in order to force a consumer to use their own VoIP or traditional PSTN services. Using Mizutech built-in encryption you can forget all about these issues. These solutions can work in VoIP networks provided by Mizutech or can be seamlessly integrated in your network without any configuration change in your existing servers. The encryption will allow VoIP usage in any countries bypassing VoIP blockages (unlike srtp,zrtp or VPN encryption which can be easily detected by VoIP filters) The Mizu VoIP tunneling solution is suitable for ITSP, carriers, call termination, wholesalers, resellers and voip service providers. Using the SaaS service (tunnel service hosted by us), you just need to provide us your VoIP server(s) address and branding details. Then you will receive customized softphone for all platforms ready to be used by your customers. In case if you choose the lifetime license, then you will have to provide a server to host the tunneling service. This can be the same with your VoIP server or a separate box near it. There is no need to change any settings on your existing VoIP server(s) and no maintenance tasks associated. The tunnel is completely transparent for your users, they will just use a softphone or webphone as normally to make or receive VoIP calls. Our support team is working continuously to make this service hassle free by implementing the latest security standards and changing/adding more obfuscations if required.
Presentation (PDF) User guide (PDF) With third-party SIP devices (PDF) Third-party integration (wiki) Technical details (PDF) Internet censorship (wikipedia) VoIP blockage (wiki)
Pricing and order (order form) Contact us (email)
VoIP tunneling server refers to a service that interconnects VoIP endpoints with VoIP servers in a way to provide complete endpoint to provider security using different transport methods and bypassing VoIP specific traffic filtering.
More...
Any VoIP communication is subject to the same security vulnerabilities as any other form of data on a shared infrastructure. These security concerns were addressed in the National Institute of Standards and Technology's (NIST) paper Security Considerations for Voice over IP Systems
The Mizu tunneling solution has various built-in methods to encrypt both the media and the signaling and to bypass all kind of NAT's, firewalls and voip filtering including the usage in UAE or corporate firewalls.
-encrypted UDP (using a random UDP port. This is usually enough in voip blocked countries like UAE) -encrypted TCP tunneling (using the standard SSL port so it will bypass most of the firewalls) -encrypted HTTP tunneling (using the standard HTTP port so it will bypass all corporate proxy systems) The client might connect trough one of the remote proxies if you are using our distributed network (service included in the standard tunnel license). The UDP transport doesn’t have any network overhead compared to normal VoIP(SIP/RTP) and has the same quality. The TCP tunneling has even better quality, but it doesn’t tolerate too much packet loss so good than UDP does. The HTTP tunneling has between 5% and 35% overhead and needs more server side resources (but it is needed only from behind corporate firewalls when the only single route is via the local http proxy). It can bypass almost all HTTP proxy servers with streaming support. The client software will always choose the best performing method that works on the enduser network. The network discovery is done on the software startup and it takes around one second.
More technical details
For server to server tunneling the software includes an efficient UDP based module using encrypted short living random streams to bypass VoIP filters.
The tunneling module is also part of our VoIP softswitch. If you don't already have a VoIP server, then you should order the Softswitch (with the tunneling module selected) instead of the Tunnel service.
Risk free Mizutech provide a trial period. You have to pay only after the successful test period.
Sophisticated Multiple different encryption method and onion protocol encapsulation using random path and protocols allows you to bypass all kind of VoIP blockage including deep packet filter solutions.
Transparent The Mizu Tunnel server act as a transparent gateway between your softswitch and the VoIP clients. No any settings changes are required to be made on your server/softswitch/PBX for this to work.
Efficient Bypass all kind of VoIP filtering with no or minimal overhead using low-delay UDP streaming whenever possible (auto failover to TCP or HTTP if needed)
Architecture advantages Easy to deploy, no need to modify your existing voip server configuration, quick to market.
Performance, troughoutput and scalability Up to 6000 simultaneous calls, easy to add more servers or implement load-balancing. One tunneling server can handle all your VoIP softswitches (in case if you have more than one) With the Mizu tunneling server you can also offload a lot of load from your server (for example user to user calls can be handled entirely by the tunneling server).
Rich features The Mizu tunneling solution is based on a full featured softswitch. All class 5 features are supported so you can add more features to your users even if your existing server doesn't have support for it (for example chat and presence). In addition the tunneling server comes with Mizutech voip clients which you can use to diversify your voip portfolio.
Client to server tunneling Distribute our customized softphone or create your own using the SDK.
Server to server tunneling High performance encrypted and obfuscated tunneling between SIP servers using multiple asymmetric short living UDP streams to bypass any VoIP blockade.
Flexible The Mizu tunneling service automatically adapts to the user network circumstances and it is prepared for further enhancement to prevent the usage of new blocking technologies.
Comes with a variety of SIP clients With the tunneling solution you will automatically have access to all of our VoIP clients including Windows dialer, Android client and cross-platform webphone.
Support The Mizutech support team can handle all the installations and configuration tasks and once it is properly configured, there is no maintenance tasks involved.
Advantage over VoIP VPN, SSH and IPSec
Traditional tunneling layers doesn't know anything about the tunneled protocol, thus you will completely loose the control over it (no VoIP QoS, no port management, best codec selection). Protocol overhead caused by the encapsulation of VoIP protocol within IPsec dramatically increases the bandwidth requirements for VoIP calls, thus making the VoIP over VPN protocols too fat to be used over for the most majority of enduser internet connections. Another disadvantage of traditional VoIP VPN is the increased server overhead (processing time, network utilization). There are several companies on the market offering "VoIP VPN" by just providing an usual open source (sometimes customized) VPN client and using a standard VPN server, but the service quality is usually disappointing for VoIP and easily blocked by firewalls.
Advantages over standard protocols (TLS/SRTP/ZRTP)
SSL, TLS, SRTP and ZRTP can be easily filtered by firewall and are unusable in voip blocked countries. These protocol also known to have many intercompatibility issues. While the Mizu solution might use also standard encryption protocols, the network headers don't match with the standard implementations to avoid firewall packet header inspections. The packets are decrypted on the server side and forwarded as clean SIP/RTP to your existing servers thus avoiding all incompatibility issues. Note that the mizutech solution might also include a standard encryption (TLS/SRTP) if set tom but this is used only for encryption (an external obfuscation layer can be applied).
Advantages over SSL based solutions SSL network and CPU overhead is huge and can be easily blocked by just watching for the standard SSL handshakes. Advantages over Tor Even if used with obfuscation, VoIP patter can be easily discovered in Tor traffic and blocked by the ISP. Tor is also well known about low quality links (while they are good in protecting user identity and data with encryption and anonymous routing, the bandwidth and Qos is not adequate for VoIP traffic).
Advantages over hardware based solutions Hardware costs are much higher while the performance is the same or even less. Their software/firmware can be more difficult to adopt to challenge with the new blocking technologies.
Advantages over other proprietary protocols
Unlike proprietary solutions, the Mizu tunnel has no network overhead, no special hardware requirement and doesn't require any modification in your existing infrastructure.
On your order a trial access is automatically generated for you (No need for any payments. You will have to pay only later if you wish to go ahead in production). On request we can also install the service on your own server. In this case the followings will be needed:
Try it now Contact Us