Zones, About zones, Neighbor zone – TANDBERG Security Camera User Manual
Page 81: Traversal client zone, Traversal server zone, About zones neighbor zone traversal client zone
81
D14049.03
MAY 2008
Grey Headline (continued)
TANDBERG
VIDEO COMMUNICATIONS SERVER
ADMINISTRATOR GUIDE
Zones
A zone is a collection of endpoints, either all registered to a
single system (e.g. VCS, gatekeeper or Border Controller), or of
a certain type such as ENUM or DNS. The use of zones enables
you to:
use links to determine whether calls can be made between
•
your local subzones and these other zones
manage the bandwidth of calls between your local subzones
•
and endpoints in other zones
easily search for aliases that are not registered locally
•
apply transforms to aliases before searching for them.
•
Your VCS allows you to configure up to 200 zones of 5 different
types. It also has a non-configurable Default Zone.
About Zones
In order to be able to traverse a firewall, the VCS must be
neighbored with a traversal server (for example a TANDBERG
VCS Expressway or a TANDBERG Border Controller).
In this situation your local VCS is a traversal client, so you
neighbor with the traversal server by creating a traversal client
zone on your local VCS. You then configure the client zone with
details of the corresponding zone on the traversal server. (The
traversal server must also be configured with details of the VCS
client zone.)
Once you have neighbored with the traversal server you can:
use the neighbor as a traversal server
•
query the traversal server about its endpoints
•
apply transforms to any queries before they are sent to the
•
traversal server
control the bandwidth used for calls between your local VCS
•
and the traversal server.
A VCS Expressway is able to act as a traversal server, providing
firewall traversal on behalf of traversal clients (for example, VCS
Controls or gatekeepers).
In order to act as a traversal server, the VCS Expressway must
have a special type of two-way neighbor relationship with each
traversal client. To do this, you create a traversal server zone
on your local VCS Expressway and configure it with the details of
the corresponding zone on the traversal client. (The client must
also be configured with details of the VCS Expressway.)
Once you have neighbored with the traversal client you can:
provide firewall traversal services to the traversal client
•
query the traversal client about its endpoints
•
apply transforms to any queries before they are sent to the
•
traversal client
control the bandwidth used for calls between your local VCS
•
and the traversal client.
Traversal client-server zone relationships are two-way; in order for firewall traversal to work, the traversal server and the
traversal client must each be configured with the other’s details. (See
Quick Guide to VCS Traversal Client - Server
for more information.) The client and server will then be able to query each other.
A Neighbor zone could be a collection of endpoints registered
to another system (e.g. VCS, gatekeeper, or Border Controller),
or it could be a SIP device. The other system or SIP device is
referred to as a neighbor. Neighbors can be part of your own
enterprise network, part of a separate network, or even stand-
alone systems.
You create a neighbor relationship with the other system by
adding it as a neighbor zone on your local VCS. Once you have
added it, you can:
query the neighbor about its endpoints
•
apply transforms to any requests before they are sent to the
•
neighbor
control the bandwidth used for calls between your local VCS
•
and the neighbor zone.
Traversal Client Zone
Traversal Server Zone
Neighbor Zone
Neighbor zone relationships are one-way; adding another
system to your VCS as a neighbor does not mean that
your VCS will also be a neighbor of that other system. In
such a situation, your VCS will know about and be able to query
the other system, but the other system will not know about or be
able to query your VCS. However, inbound calls will be identified
as coming from that neighbor if the source IP address matches.