Securing telephony communications between remote and enterprise endpoints
First Claim
1. A system for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint, comprising:
- an isolated packet-based network having a plurality of enterprise telephony endpoints;
an exposed packet-based network coupled to a public packet-based network and having a call management device operable to receive an unsecured session request from a remote telephony endpoint coupled to the public packet-based network, to determine that the unsecured session request identifies one of the enterprise telephony endpoints, and to establish a media link between the remote telephony endpoint and an isolation device; and
the isolation device coupled between the isolated packet-based network and the exposed packet-based network and operable to receive unsecured media associated with the media link, to translate the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint, and to transmit the translated media to the isolated packet-based network.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint includes an isolated packet-based network, an exposed packet-based network, and an isolation device. The isolated packet-based network has a plurality of enterprise telephony endpoints. The exposed packet-based network is coupled to a public packet-based network and has a call management device that can receive an unsecured session request from a remote telephony endpoint coupled to the public packet-based network, determine that the unsecured session request identifies one of the enterprise telephony endpoints, and establish a media link between the remote telephony endpoint and the isolation device. The isolation device is coupled between the isolated packet-based network and the exposed packet-based network and can receive unsecured media associated with the media link, translate the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint, and transmit the translated media to the isolated packet-based network.
-
Citations
36 Claims
-
1. A system for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint, comprising:
-
an isolated packet-based network having a plurality of enterprise telephony endpoints;
an exposed packet-based network coupled to a public packet-based network and having a call management device operable to receive an unsecured session request from a remote telephony endpoint coupled to the public packet-based network, to determine that the unsecured session request identifies one of the enterprise telephony endpoints, and to establish a media link between the remote telephony endpoint and an isolation device; and
the isolation device coupled between the isolated packet-based network and the exposed packet-based network and operable to receive unsecured media associated with the media link, to translate the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint, and to transmit the translated media to the isolated packet-based network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint, comprising:
-
receiving at a call management device in an exposed packet-based network an unsecured session request from a remote telephony endpoint coupled to a public packet-based network;
determining that the unsecured session request identifies one of a plurality of enterprise telephony endpoints in an isolated packet-based network;
establishing a media link between the remote telephony endpoint and an isolation device coupled between the isolated packet-based network and the exposed packet-based network;
receiving unsecured media associated with the media link at the isolation device;
translating the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint; and
transmitting the translated media from the isolation device to the isolated packet-based network. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. Logic for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint, the logic encoded in media and operable when executed to:
-
receive at a call management device in an exposed packet-based network an unsecured session request from a remote telephony endpoint coupled to a public packet-based network;
determine that the unsecured session request identifies one of a plurality of enterprise telephony endpoints in an isolated packet-based network;
establish a media link between the remote telephony endpoint and an isolation device coupled between the isolated packet-based network and the exposed packet-based network;
receive unsecured media associated with the media link at the isolation device;
translate the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint; and
transmit the translated media from the isolation device to the isolated packet-based network. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A system for securing telephony communications between an enterprise telephony endpoint and a remote telephony endpoint, comprising:
-
means for receiving at a call management device in an exposed packet-based network an unsecured session request from a remote telephony endpoint coupled to a public packet-based network;
means for determining that the unsecured session request identifies one of a plurality of enterprise telephony endpoints in an isolated packet-based network;
means for establishing a media link between the remote telephony endpoint and an isolation device coupled between the isolated packet-based network and the exposed packet-based network;
means for receiving unsecured media associated with the media link at the isolation device;
means for translating the unsecured media to reduce the likelihood of harmful code communicated by the remote telephony endpoint from reaching the identified enterprise telephony endpoint; and
means for transmitting the translated media from the isolation device to the isolated packet-based network. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
-
Specification