By Cassimir Medford

What good is Internet voice if your calls can’t get past your own firewall or the firewall of the person you are calling?

Eyeball Networks, an Internet voice call completion startup, said Monday that it has successfully completed testing of its AnyFirewall software with Japanese telecommunications giant Nippon Telegraph and Telephone (NTT).

The West Vancouver, Canada-based company offers the means whereby companies that market voice and video over IP can get past firewalls and other network protections that can frustrate IP communications.

AnyFirewall provides the ability to traverse firewalls and the trickier network technology, Network Address Translation (NAT), an IP address-masquerading scheme that plays havoc with VoIP and IP video chat.

NAT was originally developed as a router technique for conserving scarce and valuable IP addresses. Using NAT, multiple PC users can connect to the Internet using a single IP address.

That’s great for the IP administrator, but it is confusing when a VoIP call is made to a person behind that router. If 10 users share a single IP address, then completing the call can be difficult or impossible.

“Anytime you have IP-based communication, firewall traversal and NAT traversal are very big issues,” said Paul Gossen, Eyeball’s vice president of sales and marketing.

New Market

The firewall and NAT traversal market barely existed a few years ago, but the emergence of VoIP has spurred the development of the technology and the creation of an industry standard called STUN, TURN and ICE.

Eyeball has built AnyFirewall and its other related products on the standard, which is still in draft phase.

To date the market for firewall and NAT traversal software is made up of a handful of independent operators such as Eyeball and a market of roll-your-own products.

The problem for Eyeball is convincing IP communications companies such as cell phone makers and service providers that they should buy firewall and NAT traversal software from an outside source.

The various ways in which NAT is implemented make roll-your-own products impractical for broad-based, real-world IP communications, according to Mr. Gossen.

“We’ve discovered that something will work wonderfully in the lab, but there are so many variables of NAT in the real world that it does not work as well when deployed,” said Mr. Gossen.

For instance a user behind a NAT router that employs some little-used, exotic scheme may find it impossible to make VoIP calls anywhere because he or she is marooned behind a tough-to-traverse NAT scheme.

“Vonage, for instance, is in a classic firewall and NAT traversal scenario,” Mr. Gossen said.

“Vonage had a customer retention problem of about 20 percent because at least 5 percent of its customers find their VoIP phones don’t work at all,” he added.

Eyeball’s AnyFirewall is embedded in the user’s VoIP phone. It interoperates with a server that will work with the user’s phone to develop a strategy for getting beyond the uncooperative NAT scheme.

“It will try to make a peer-to-peer call or, failing that, it may attempt a tunneling strategy to get past the firewall,” Mr. Gossen said. “The call failure rate of VoIP is 310 times that of circuit-switched phone service.”