1. Field of the Invention
This invention relates to network communication. In particular, the invention relates to firewalls.
2. Description of Related Art
Currently, firewalls do not admit traffic which is not recognized. Most voice over Internet protocol (VoIP) traffic is not allowed across a firewall boundary because VoIP traffic contains no indication that the packet is VoIP and no indication of the originating and destination parties in the call. This limits VoIP service to service within a firewall-protected domain and does not allow users within the domain to call outside the domain and vice versa
One existing technique is to add intelligence to firewall protocol so that the firewall can understand call signaling protocol (e.g., H.323) and can determine what Internet protocol (IP) address pair and UDP port pair to admit for a particular call. This technique has a number of drawbacks. First, the firewall is required to have significantly greater processing power and demands, resulting in high costs and integration efforts. Second, the firewall is required to be updated frequently as call signaling protocols change or are introduced, resulting in high maintenance and downtime costs. Third, the signaling is required to be processed by the firewall on every call, adding set-up delays and slowing down traffic.
Therefore, there is a need in the technology to provide an efficient technique for media communication via firewalls.