AG Projects
SIP Infrastructure Experts

Workshop
Adrian Georgescu
@agprojects

Monday, October 21, 2013

Saúl Ibarra Corretgé
@saghul

Hello!

• AG Projects, 10+ years of experience
• Software development for SIP infrastructures
• Blink (and many other projects!)
• Open Source

Commercial Products

• MSP and SIP Thor - Turnkey SIP platforms
• Blink - SIP Client for OSX, Linux and Windows

Self-organizing SIP Infrastructure

Self-organizing
Horizontally scalable
Built-in disaster recovery
No single point of failure
Maintenance free

Multiple Roles
SIP Proxy/Registrar
RTP Media relay
Presence Agent
XCAP server
Voicemail
Provisioning

SIP User Agents
User agents need only RFC3263 support (locating SIP services using DNS lookups)

[Diagram: six nodes (Node 1 to Node 6), each with a DB, connected to the Internet; SIP user agents behind NAT, with SIP and RTP flows]

We like questions, interrupt us!


What is OpenSIPS?

• Open Source SIP Server
• It does SIP, just SIP
• Proxy, registrar, B2BUA, ...


Possible deployment scenarios

• Load balancer
• Edge proxy
• Proxy / registrar
• LCR gateway
• Presence Agent

1. Keep the core proxy as lean as possible

• Edge proxy
• Sanity checks
• NAT traversal
• Forward to core proxy

• Core proxy
• Main routing logic
• User lookup
• Route request to destination


Using Path support

• RFC 3327
• Keep the edge proxy always in the path
• Always route requests through it (also outgoing)

Using Path support
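…
loadmodule "rr.so"
loadmodule "registrar.so"
loadmodule "path.so"
…
# Use the "received" parameter of the first Route URI as the destination URI
modparam("path", "use_received", 1)
…
# On the edge proxy
if (method == "REGISTER") {
    # Add a Path header that also records the address the request came from
    if (!add_path_received("edge-in"))
        sl_send_reply("503", "Internal Path Error");
    ...
}

# On the core proxy
if (method == "REGISTER") {
    …
    # p2: strict Path mode; v: take the received address from the Path URI
    save("location", "p2v");
}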


NAT traversal

• Always apply NAT traversal techniques
• Chances of not needing them are too low
• But do not break ICE


NAT traversal

# Fix signaling
if (method != "REGISTER" && client_nat_test("3")) {
    fix_contact();
}

if ((method=="REGISTER" || method=="SUBSCRIBE" ||
    (method=="INVITE" && !has_totag())) && client_nat_test("3")) {
    nat_keepalive();
}

# Fix media
if (method==INVITE && !has_totag()) {
    engage_media_proxy();
}

2. Keep your configuration tidy

• Use a version control system such as git
• Separate logical sections in different files
• Use a template language to help you
• Handle each method separately

Handle each SIP method separately

...
if (method == "REGISTER") {
    ...
} else if (method == "INVITE") {
    ...
} else if (method == "SUBSCRIBE") {
    ...
} else if (method == "PUBLISH") {
    ...
...


Using jcfg

• https://github.com/saghul/jcfg
• Uses Jinja templates for generating config files

Using jcfg

Template (opensips.tpl):

# TCP
{% if use_tcp %}
disable_tcp=no
{% for listener in tcp_listeners %}
listen=tcp:{{ listener }}
{% endfor %}
{% else %}
disable_tcp=yes
{% endif %}

Context (settings.py):

context = {
    # UDP
    'udp_listeners':
        ['127.0.0.1:5060', '127.0.0.1:5080'],
    # TCP
    'use_tcp': True,
    'tcp_listeners':
        ['127.0.0.1:5060', '127.0.0.1:5080']
}

Generate the config:

jcfg --input opensips.tpl --output opensips.cfg --context settings.py


3. Fraud is unavoidable, deal with it

• Usage quotas per user, per day / month
• Implement a quick way for switching off an account
• Blacklist premium numbers
• Nobody calls to Antarctica, really
• Limit number of concurrent calls
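
The four controls above combined into one pre-routing decision, as an added example in Python (not code from the slides or from OpenSIPS). The prefixes, quota amounts and the names `Account`, `authorize_call` and `end_call` are assumptions, and dialled numbers are assumed to arrive in international format.

```python
from dataclasses import dataclass, field
from datetime import date

# Constructed sample prefixes (international digits, no "+" or "00").
# A real deployment loads its own premium-rate and never-called destinations.
BLOCKED_PREFIXES = ("1900", "672")


@dataclass
class Account:
    enabled: bool = True           # the quick "off" switch for a compromised account
    daily_quota: float = 5.0       # assumed currency units per day
    monthly_quota: float = 50.0    # assumed currency units per month
    max_concurrent: int = 2
    active_calls: int = 0
    spent: dict = field(default_factory=dict)   # period key -> amount spent


def normalize(dialled):
    """Reduce '+1 900 ...' and '001900...' to the same bare digits, so a
    blocked prefix cannot be bypassed by changing the dialling format."""
    text = dialled.strip()
    digits = "".join(ch for ch in text if ch.isdigit())
    if not text.startswith("+") and digits.startswith("00"):
        digits = digits[2:]
    return digits


def _periods(today):
    """Keys for the per-day and per-month spending counters."""
    return today.isoformat(), today.strftime("%Y-%m")


def authorize_call(account, dialled, today):
    """Return (allowed, reason) for a new outgoing call; reserves a call slot."""
    if not account.enabled:
        return False, "account disabled"
    if normalize(dialled).startswith(BLOCKED_PREFIXES):
        return False, "destination blocked"
    if account.active_calls >= account.max_concurrent:
        return False, "too many concurrent calls"
    day, month = _periods(today)
    if account.spent.get(day, 0.0) >= account.daily_quota:
        return False, "daily quota reached"
    if account.spent.get(month, 0.0) >= account.monthly_quota:
        return False, "monthly quota reached"
    account.active_calls += 1
    return True, "ok"


def end_call(account, cost, today):
    """Release the call slot and charge the cost to the day and month counters."""
    account.active_calls = max(0, account.active_calls - 1)
    for key in _periods(today):
        account.spent[key] = account.spent.get(key, 0.0) + cost


if __name__ == "__main__":
    acct = Account()
    day = date(2013, 10, 21)
    for number in ("+1 900 555 0100", "0019005550100", "+31 20 555 0100"):
        print(number, authorize_call(acct, number, day))
```

Because the quota is checked when the call starts, a single long call can still overrun it; the concurrent-call limit is what bounds that overrun.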

4. Apply common sense sec. measures

• ‘1234’ is not a password, it’s a joke
• Different credentials for SIP and for web configuration tools
• Detect multiple authentication failures
• Discard well known bad UAs
• ‘friendly-scanner’ anyone?
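
A sketch of the last two measures in Python, added here as an example (not code from the slides or from OpenSIPS). It drops requests from known-bad User-Agents and blocks a source after repeated rejected attempts, counting only requests that carried credentials, because the first 401 to a request without credentials is the normal digest challenge. The thresholds, the `AuthGuard` class and the SIP messages are constructed for the example.

```python
import re
from collections import defaultdict, deque

BAD_UA = re.compile(r"friendly-scanner", re.IGNORECASE)  # the UA named on the slide
MAX_FAILURES = 5      # assumed threshold
WINDOW_SECONDS = 60   # assumed sliding window


def parse_headers(raw):
    """Return {lower-cased header name: value} for a raw SIP request."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.splitlines()[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


class AuthGuard:
    def __init__(self, max_failures=MAX_FAILURES, window=WINDOW_SECONDS):
        self.max_failures = max_failures
        self.window = window
        self.failures = defaultdict(deque)   # source IP -> times of rejected attempts
        self.blocked = set()

    def check_request(self, src, raw):
        """Run before authentication: 'drop' blocked sources and bad UAs."""
        if src in self.blocked:
            return "drop"
        if BAD_UA.search(parse_headers(raw).get("user-agent", "")):
            return "drop"
        return "continue"

    def record_reply(self, src, raw, status, now):
        """Count a rejected attempt; return True when src becomes blocked."""
        headers = parse_headers(raw)
        had_credentials = ("authorization" in headers
                           or "proxy-authorization" in headers)
        if status not in (401, 403, 407) or not had_credentials:
            return False                      # challenge or success, not a failure
        attempts = self.failures[src]
        attempts.append(now)
        while attempts and now - attempts[0] > self.window:
            attempts.popleft()                # forget attempts outside the window
        if len(attempts) >= self.max_failures:
            self.blocked.add(src)
            return True
        return False


def sip_request(method, user_agent, authorization=None):
    """Build a constructed SIP request for the demo (not captured traffic)."""
    lines = [
        f"{method} sip:example.com SIP/2.0",
        "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed",
        "From: <sip:alice@example.com>;tag=1",
        "To: <sip:alice@example.com>",
        "Call-ID: constructed-1@192.0.2.10",
        f"CSeq: 1 {method}",
        f"User-Agent: {user_agent}",
    ]
    if authorization:
        lines.append(f"Authorization: {authorization}")
    return "\r\n".join(lines) + "\r\n\r\n"


if __name__ == "__main__":
    guard = AuthGuard(max_failures=3)
    print(guard.check_request("198.51.100.7", sip_request("OPTIONS", "friendly-scanner")))
    guess = sip_request("REGISTER", "Blink", 'Digest username="alice"')
    for t in (0, 10, 20):
        print(t, guard.record_reply("203.0.113.9", guess, 401, t))
    print(guard.check_request("203.0.113.9", guess))
```

Sources behind a shared NAT share one counter, so the threshold should leave room for a few legitimate users who mistype a password.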

Mitigating signaling attacks

if (has_totag()) {
    # in-dialog request
    if (!validate_dialog())
        fix_route_dialog();
    ...
}


Call limit with CallControl

if (method==INVITE && !has_totag()) {
    $avp(cc_call_limit) := 10;
    $avp(cc_call_token) := $RANDOM;
    call_control();
    switch ($retcode) {
    case 2:
        # Call with no limit
    case 1:
        # Call has limit and is under callcontrol management
        break;
    case -1:
        # Not enough credit (prepaid call)
        sl_send_reply("402", "Not enough credit");
        exit;
    case -2:
        # Locked by another call in progress (prepaid call)
        sl_send_reply("403", "Call locked by another call in progress");
        exit;
    case -3:
        # Duplicated callid
        sl_send_reply("400", "Duplicated callid");
        exit;
    case -4:
        # Call limit reached
        sl_send_reply("503", "Too many concurrent calls");
        exit;
    default:
        # Internal error (message parsing, communication, ...)
        sl_send_reply("500", "Internal server error");
        exit;
    }
}


Using the new Event Interface
…
loadmodule "event_datagram.so"
…
# Subscribe to the E_PIKE_BLOCKED event

# Raise your own events from the routing script
# ("=" adds another value to an AVP, so these lines build two attribute/value pairs)
$avp(s:attr) = "number";
$avp(s:val) = 0;
$avp(s:attr) = "string";
$avp(s:val) = "dummy value";
raise_event("E_DUMMY", $avp(s:attr), $avp(s:val));


BYE

• Keep configuration simple
• Apply Common Sense (TM)
• Be prepared to deal with fraud and failure


Questions?

@agprojects
@saghul

 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Kürzlich hochgeladen (20)

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

SIP Infrastructure Experts Workshop - AG Projects

  • 1. AG Projects SIP Infrastructure Experts Workshop Adrian Georgescu @agprojects Monday, October 21, 2013 Saúl Ibarra Corretgé @saghul
  • 2. Hello!
      • AG Projects, 10+ years of experience
      • Software development for SIP infrastructures
      • Blink (and many other projects!)
      • Open Source
  • 3. Commercial Products
      • MSP and SIP Thor - Turnkey SIP platforms
      • Blink - SIP Client for OSX, Linux and Windows
    Self-organizing SIP Infrastructure
      • Self-organizing
      • Horizontally scalable
      • Built-in disaster recovery
      • No single point of failure
      • Maintenance free
    Multiple Roles
      • SIP Proxy/Registrar
      • RTP Media relay
      • Presence Agent
      • XCAP server
      • Voicemail
      • Provisioning
    SIP User Agents: user agents need only RFC3263 support (locating SIP services using DNS lookups)
    [Diagram: Nodes 1 to 6, each with a DB, the Internet, SIP user agents behind NAT, SIP and RTP paths]
  • 5. We like questions, interrupt us!
  • 6. What is OpenSIPS?
      • Open Source SIP Server
      • It does SIP, just SIP
      • Proxy, registrar, B2BUA, ...
  • 7. Possible deployment scenarios
      • Load balancer
      • Edge proxy
      • Proxy / registrar
      • LCR gateway
      • Presence Agent
  • 13. 1. Keep the core proxy as lean as possible
      • Edge proxy
      • Sanity checks
      • NAT traversal
      • Forward to core proxy
  • 14.
      • Core proxy
      • Main routing logic
      • User lookup
      • Route request to destination
  • 15. Using Path support
      • RFC 3327
      • Keep the edge proxy always in the path
      • Always route requests through it (also outgoing)
  • 16. Using Path support

        …
        loadmodule "rr.so"
        loadmodule "registrar.so"
        loadmodule "path.so"
        …
        modparam("path", "use_received", 1)
        …

        # On the edge proxy
        if (method == "REGISTER") {
            if (!add_path_received("edge-in"))
                sl_send_reply("503", "Internal Path Error");
            ...
        }

        # On the core proxy
        if (method == "REGISTER") {
            …
            save("location", "p2v");
        }
  • 17. NAT traversal
      • Always apply NAT traversal techniques
      • Chances of not needing them are too low
      • But do not break ICE
  • 19. NAT traversal

    Fix signaling:

        if (method != "REGISTER" && client_nat_test("3")) {
            fix_contact();
        }

        if ((method=="REGISTER" || method=="SUBSCRIBE" ||
            (method=="INVITE" && !has_totag())) && client_nat_test("3")) {
            nat_keepalive();
        }

    Fix media:

        if (method==INVITE && !has_totag()) {
            engage_media_proxy();
        }
  • 20. 2. Keep your configuration tidy
      • Use a version control system such as git
      • Separate logical sections in different files
      • Use a template language to help you
      • Handle each method separately
  • 21. Handle each SIP method separately

        ...
        if (method == "REGISTER") {
            ...
        } else if (method == "INVITE") {
            ...
        } else if (method == "SUBSCRIBE") {
            ...
        } else if (method == "PUBLISH") {
            ...
        ...
  • 22. Using jcfg
      • https://github.com/saghul/jcfg
      • Uses Jinja templates for generating config files
  • 23. Using jcfg

        # TCP
        {% if use_tcp %}
        disable_tcp=no
        {% for listener in tcp_listeners %}
        listen=tcp:{{ listener }}
        {% endfor %}
        {% else %}
        disable_tcp=yes
        {% endif %}

        context = {
            # UDP
            'udp_listeners': ['127.0.0.1:5060', '127.0.0.1:5080'],
            # TCP
            'use_tcp': True,
            'tcp_listeners': ['127.0.0.1:5060', '127.0.0.1:5080']
        }

        jcfg --input opensips.tpl --output opensips.cfg --context settings.py
  • 24. 3. Fraud is unavoidable, deal with it
      • Usage quotas per user, per day / month
      • Implement a quick way for switching off an account
      • Blacklist premium numbers
      • Nobody calls to Antarctica, really
      • Limit number of concurrent calls
  • 25. 4. Apply common sense sec. measures
      • ‘1234’ is not a password, it’s a joke
      • Different credentials for SIP and for web configuration tools
      • Detect multiple authentication failures
      • Discard well known bad UAs
          • ‘friendly-scanner’ anyone?
  • 26. Mitigating signaling attacks

        if (has_totag()) {
            # in-dialog request
            if (!validate_dialog())
                fix_route_dialog();
            ...
        }
  • 27. Call limit with CallControl

        if (method==INVITE && !has_totag()) {
            $avp(cc_call_limit) := 10;
            $avp(cc_call_token) := $RANDOM;
            call_control();
            switch ($retcode) {
            case 2:
                # Call with no limit
            case 1:
                # Call has limit and is under callcontrol management
                break;
            case -1:
                # Not enough credit (prepaid call)
                sl_send_reply("402", "Not enough credit");
                exit;
            case -2:
                # Locked by another call in progress (prepaid call)
                sl_send_reply("403", "Call locked by another call in progress");
                exit;
            case -3:
                # Duplicated callid
                sl_send_reply("400", "Duplicated callid");
                exit;
            case -4:
                # Call limit reached
                sl_send_reply("503", "Too many concurrent calls");
                exit;
            default:
                # Internal error (message parsing, communication, ...)
                sl_send_reply("500", "Internal server error");
                exit;
            }
        }
  • 28. Using the new Event Interface

        …
        loadmodule "event_datagram.so"
        …

        # Subscribe to the E_PIKE_BLOCKED event

        # Raise your own events from the routing script
        $avp(s:attr) = "number";
        $avp(s:val) = 0;
        $avp(s:attr) = "string";
        $avp(s:val) = "dummy value";
        raise_event("E_DUMMY", $avp(s:attr), $avp(s:val));
  • 29. BYE
      • Keep configuration simple
      • Apply Common Sense (TM)
      • Be prepared to deal with fraud and failure
  • 30. Questions? @agprojects @saghul
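
Slide 25 asks for detecting multiple authentication failures and discarding well known bad UAs. The sketch below is an added example, not code from the slides or from OpenSIPS; the log line format, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Assumed policy values, not from the slides.
BAD_UA_SUBSTRINGS = ("friendly-scanner",)   # the one UA the slide names
MAX_FAILURES = 3         # failed authentications tolerated ...
WINDOW_SECONDS = 60      # ... per source IP within this sliding window
# Hypothetical log format, one line per request seen on the edge proxy:
#   <epoch> src=<ip> method=<m> auth=<none|ok|fail> ua="<User-Agent>"
LINE_RE = re.compile(r'^(?P<ts>\d+) src=(?P<src>\S+) method=\S+ '
                     r'auth=(?P<auth>none|ok|fail) ua="(?P<ua>[^"]*)"$')
# Constructed sample input.
SAMPLE_LOG = """\
1382349600 src=192.0.2.10 method=REGISTER auth=none ua="Blink"
1382349601 src=192.0.2.10 method=REGISTER auth=ok ua="Blink"
1382349605 src=198.51.100.7 method=OPTIONS auth=none ua="friendly-scanner"
1382349610 src=203.0.113.5 method=REGISTER auth=fail ua="softphone"
1382349612 src=203.0.113.5 method=REGISTER auth=fail ua="softphone"
1382349615 src=203.0.113.5 method=REGISTER auth=fail ua="softphone"
1382349620 src=192.0.2.44 method=REGISTER auth=fail ua="deskphone"
1382349700 src=192.0.2.44 method=REGISTER auth=fail ua="deskphone"
1382349800 src=192.0.2.44 method=REGISTER auth=fail ua="deskphone"
"""

def analyse(log_text):
    """Return {source_ip: reason} for sources that should be blocked."""
    failures, blocked = defaultdict(deque), {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["src"] in blocked:
            continue     # unknown format or already blocked
        ts, src = int(m["ts"]), m["src"]
        if any(bad in m["ua"].lower() for bad in BAD_UA_SUBSTRINGS):
            blocked[src] = "bad-user-agent"
            continue
        # auth=none is the normal first request that gets challenged with
        # 401; only requests that carried wrong credentials count.
        if m["auth"] != "fail":
            continue
        recent = failures[src]
        recent.append(ts)
        while recent and ts - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            blocked[src] = "auth-failures"
    return blocked
```

The deskphone at 192.0.2.44 also fails three times, but spread over three minutes, so the sliding window keeps a user who mistyped a password from being blocked.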
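
The fraud controls listed on slide 24 (usage quota, account off switch, destination blacklist, concurrent call limit) can be combined into one admission check for each new call. This is an added example, not code from the slides; the prefixes, quota, limits, default country code and the `00` international prefix are assumed sample values, and the reply codes mirror those used on the CallControl slide.

```python
from dataclasses import dataclass

# Assumed sample policy, not from the slides.
BLOCKED_PREFIXES = ("1900", "672")   # constructed: a premium range, Antarctica
DAILY_QUOTA_SECONDS = 2 * 3600
MAX_CONCURRENT_CALLS = 2

@dataclass
class Account:
    enabled: bool = True     # the quick off switch
    used_today: int = 0      # seconds of calls made today
    active_calls: int = 0

def normalise(dialed, country_code="31"):
    """Reduce a dialed string to digits in international form, so that
    '+672...', '00672...' and '00 672 ...' all hit the same blacklist entry
    while a national number such as '0672...' does not."""
    s = dialed.strip()
    digits = "".join(c for c in s if c.isdigit())
    if s.startswith("+"):
        return digits
    if digits.startswith("00"):          # assumed international prefix
        return digits[2:]
    if digits.startswith("0"):           # national format
        return country_code + digits[1:]
    return digits

def admit(account, dialed):
    """Return (allowed, sip_status, reason) for a new outgoing call."""
    if not account.enabled:
        return (False, 403, "Account disabled")
    if normalise(dialed).startswith(BLOCKED_PREFIXES):
        return (False, 403, "Destination not allowed")
    if account.active_calls >= MAX_CONCURRENT_CALLS:
        return (False, 503, "Too many concurrent calls")
    if account.used_today >= DAILY_QUOTA_SECONDS:
        return (False, 402, "Daily quota exhausted")
    return (True, 200, "OK")
```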