Videocentric - Tandberg Border Controller

Firewall's, a word synonymous with the Internet and as such, the applications we try to use over it, particularly communications. With connections to the Internet increasing every day, the world’s largest network is getting bigger and bigger.

Firewall's provide two important functions to the user: firstly, they prevent access from the public Internet to your private PC or network. Secondly, many Firewall's offer a feature called NAT (Network Address Translation) that allows you to have only one IP address on the public Internet whilst having as many as you wish on your own private intranet.

Firewall's are therefore the heart of your network security policy, and changing the policies used on these systems to allow certain ‘extra’ capabilities is often a dangerous occupation for the uninitiated, and most circumstances will result in a strong word or two from the network managers.

With the proliferation of video and voice over IP however, Firewall's have become a major obstacle. If you bypass it, using some form of proxy, then you leave yourself with a possible vulnerability to the outside world. If you try to alter the rules of operation of the firewall to allow video and audio traffic, once again, you increase your exposure to the outside.

Additionally, of course, with a NAT firewall, incoming calls can only address the public IP trying to find the private IP behind the firewall is difficult and if you provision things to allow this, such as opening “pin-holes” in the firewall, are likely to create yet another vulnerability.

Appliance-based architecture allows for easy deployment and high reliability
Designed to work with any H.323 device
Designed to work with any firewall
Full multi vendor support
Secure and reliable
1U rack mountable
Easy setup and installation
Automatic registration of Expressway TM-enabled H.323 devices
Traverse any number of Firewall's
Uses only solid state memory for high reliability
Supports up to 100 registered devices and 20 concurrent calls
Allows URI dialling for massive scalability
HTTPS, SSH, and SCP for secure management

Architecture
Secure appliance based architecture
Flash memory (diskless and no hard drive)
ITU-T H.323 v5 compliant
ITU-T H.225 v4 compliant
TANDBERG Expressway Technology
H.323 v5 Annex O (for DNS dialling support)
H.460.18/.19 compliant
H.460.18 client proxy support
Supports H.460.19 multiplexed media

Reliability
Registrations survive system restart
Fast start-up time
Border Controller process recycling within seconds
H.225 Alternate Gatekeeper Support

Security
Secure Management with HTTPS, SSH, and SCP
- Secure File Transfer
- Inactivity Timeout
Can lock-down IP services
Authentication required on HTTP(S), Telnet, SSH, SCP, and serial port
Compatible with H.235 v2 and v3 enabled H.323 devices
H.235 Authentication support

Management
Supports industry standards such as RS-232, Telnet, HTTP(S), XML, SNMP, SCP, and SSH
Embedded setup wizard on serial port for initial configuration
Management support through TANDBERG Management Suite 9.5 or newer
Advanced management support and configuration with
TANDBERG Management Suite 11.0 or newer
Call logging and diagnostics
Support for logging to a syslog server
Local time zone aware

Call Control and Registrations
Supports manual registration of Expressway enabled endpoints and API call control
Supports H.225/Q.931, H.245 call control routed mode
Registration of H.323 ID, E.164 aliases and services
Supports Unicode (UTF-8) registration for global implementation
Initiate, disconnect and transfer H.323 calls from the Border Controller API interface
URI Dialling
Up to 100 traversal calls
Up to 100 services for a single device
Up to 500 registered Expressway Devices
Direct call signaling between neighboured border controllers and gatekeepers
Call Policy Management (RFC 3880)

Zone Control
Supports Remote Zone monitoring
Supports Remote Zone redundancy
Supports up to 100 neighbouring Border Controllers and gatekeepers
Up to 50 traversal zones
Supports sub-zone area definition for bandwidth management
Flexible zone configuration with named zones and default zone
Supports forwarding of requests to neighbouring border controllers and gatekeepers
Can disable automatic discovery and forwarding of LRQ’s
Registration Control (open, specifically allow, specifically deny)

Bandwidth Management
Inter zone - definable call by call
Max bandwidth per call
Max aggregate bandwidth for all neighbouring zones
Intrazone - definable call by call
Max bandwidth per call
Max aggregate bandwidth
Auto downspeeding if call exceeds per-call maximum
Gateway load balancing (requires TANDBERG Gateway running software version G3.0 or later)

Interfaces
3x LAN/Ethernet (RJ-45), 10/100 Base-TX port
2X RS232 DB-9 (front + rear)
1x USB (rear)

Power
Auto-sensing 250W (Max) power supply
90–264V AC full range @ 47–63Hz

Cooling System
Two 40mm fans for system cooling

System Control and Indications
1x Power LED
1x Power on/off switch (rear)
3x Act/Link/10/100 LEDs on RJ-45
3x Act/Link/10/100 LEDs on RJ-45

Network
Supports DNS Addressing
Supports IPv4 and IPv6 simultaneously
Provides IPv4/v6 Translation Services

Approvals
Directive 73/23/EEC (Low Voltage Directive)
Standard EN 60950
Directive 89/336/EEC (EMC Directive)
Standard EN 55022, Class A
Standard EN 55024
Standard EN 61000-3-2/-3-3
Approved according to UL 60950 and CAN/CSA C22.2 No. 60950
Complies with FCC15B Class A

Dimensions
426(W) x 228.6(D) x 43.5(H) mm (16.8" x 9" x 1.72")
1U rack-mount chassis

Environment
Operating temperatures: 0° C to 40° C (32° F to 104° F)
Storage temperatures: -20° C to 80° C (-4° F to 140° F)
Relative humidity: 10% to 90% (Non-condensing)

Certification
LVD 73/23/EC
EMC 89/366/ECC

Datasheet