111 - D-Link NetDefend DFL-210 User Manual

6.2.5. H.323
• MIME Checking - Mail attachment file content can be checked against its filetype. A list of all
filetypes checked can be found in Appendix C, Anti-Virus MIME filetypes.
• Anti-Virus Scanning - The NetDefendOS Anti-Virus module can scan email attachments
searching for malicious code.
• Verify Sender Email - This option specifies that the source address in the SMTP protocol header
and the SMTP data load header match.. Spamming programs can cause these to be different.
6.2.5. H.323
H.323 is a standard approved by the International Telecommunication Union to allow compatibility
in video conference transmissions over IP networks. It is used for real-time audio, video and data
communication over packet-based networks such as the internet. It specifies the components, proto-
cols and procedures for providing such multimedia communication, including Internet phone and
voice-over-IP (VoIP).
H.323 Components
H.323 consists of four main components:
Terminals
Gateways
Gatekeepers
Multipoint Control Units
H.323 Protocols
The different protocols used in implementing H.323 are:
H.225 RAS Signaling and Call
Control (Setup) Signaling
Devices used for audio and optionally video or data commu-
nication. eg. phones, conferencing units, or "software phones"
such as NetMeeting).
An H.323 gateway connects two dissimilar networks and
translates traffic between them. It provides connectivity
between H.323 networks and non-H.323 networks such as
public switched telephone networks (PSTN), translating pro-
tocols and converting media them. A gateway is not required
for communication between two H.323 terminals.
The Gatekeeper is a component in the H.323 system which is
used for addressing, authorization and authentication of ter-
minals and gateways. It can also take care of bandwidth man-
agement, accounting, billing and charging. The gatekeeper
may allow calls to be placed directly between endpoints, or it
may route the call signaling through itself to perform func-
tions such as follow-me/find-me, forward on busy, etc. It is
needed when there is more then one H.323 terminal behind a
NATing device with only one public IP.
MCUs provide support for conferences of three or more
H.323 terminals. All H.323 terminals participating in the con-
ference call have to establish a connection with the MCU.
The MCU then manages the calls, resources, video and audio
codecs used in the call.
Used for call signaling. It used to establish a connection
between two H.323 endpoints. This call signal channel is
opened between two H.323 endpoints or between a H.323 en-
dpoint and a gatekeeper. For communication between two
H.323 endpoints, TCP 1720 is used. When connecting to a
gatekeeper, UDP port 1719 (H.225 RAS messages) are used.

111

Chapter 6. Security Mechanisms