Encapsulation, compression, and encryption of PCM data
First Claim
Patent Images
1. A virtual private telephone network for providing encrypted transport of a call across a public switched telephone network (PSTN) from a first enterprise location to a second enterprise location, said virtual private telephone network being located between one or more end-user stations at the first enterprise location and one or more end-user stations at the second enterprise location, said virtual private telephone network comprising:
- at least one rule associated with the first enterprise location;
said at least one rule associated with the first enterprise location specifying at least one action associated with the first enterprise location to be performed based on at least one attribute of an incoming or outgoing call to/from the first enterprise location;
at least one rule associated with the second enterprise location;
said at least one rule associated with the second enterprise location specifying at least one action associated with the second enterprise location to be performed based on at least one attribute of the incoming or outgoing call to/from the second enterprise location;
at least one first telephony appliance associated with the first enterprise location;
said at least one first telephony appliance associated with the first enterprise location including means for determining said at least one attribute of the incoming or outgoing call to/from the first enterprise location;
said at least one attribute being from a group including;
the call direction,the call source number,the call destination number,the call type,said call type attribute being defined as one of voice, fax, or data transfer (modem),the call date,the call time,the call duration,the identifier for the extension or direct connect line carrying the call,the channel through which the call is processed,the start date of the call,the start time of the call,the end date of the call, andthe end time of the call;
said at least one first telephony appliance associated with the first enterprise location further including means for performing said at least one action associated with the first enterprise location specified in said at least one rule associated with the first enterprise location;
said at least one action being from a group including;
allowing the call,denying the call,conducting the call in encrypted mode,sending a tone,sending a message,logging the call,generating a report, andproviding an alert; and
at least one second telephony appliance associated with the second enterprise location;
said at least one second telephony appliance associated with the second enterprise location including means for determining said at least one attribute of the incoming or outgoing call to/from the second enterprise location;
said at least one attribute being from said group including;
the call direction,the call source number,the call destination number,the call type,said call type attribute being defined as one of voice, fax, or data transfer (modem),the call date,the call time,the call duration,the identifier for the extension or direct connect line carrying the call,the channel through which the call is processed, the start date of the call,the start time of the call,the end date of the call, andthe end time of the call;
said at least one second telephony appliance associated with the second enterprise location further including means for performing said at least one action associated with the second enterprise location specified in said at least one rule associated with the second enterprise location;
said at least one action being from said group including;
allowing the call,denying the call,conducting the call in encrypted mode,sending a tone,sending a message,logging the call,generating a report, andproviding an alert.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method to provide secure access across the untrusted public switched telephone network is described. The system and method can be initiated by a security policy defining actions to be taken based upon at least one attribute of the call.
78 Citations
51 Claims
-
1. A virtual private telephone network for providing encrypted transport of a call across a public switched telephone network (PSTN) from a first enterprise location to a second enterprise location, said virtual private telephone network being located between one or more end-user stations at the first enterprise location and one or more end-user stations at the second enterprise location, said virtual private telephone network comprising:
-
at least one rule associated with the first enterprise location; said at least one rule associated with the first enterprise location specifying at least one action associated with the first enterprise location to be performed based on at least one attribute of an incoming or outgoing call to/from the first enterprise location; at least one rule associated with the second enterprise location; said at least one rule associated with the second enterprise location specifying at least one action associated with the second enterprise location to be performed based on at least one attribute of the incoming or outgoing call to/from the second enterprise location; at least one first telephony appliance associated with the first enterprise location; said at least one first telephony appliance associated with the first enterprise location including means for determining said at least one attribute of the incoming or outgoing call to/from the first enterprise location; said at least one attribute being from a group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; said at least one first telephony appliance associated with the first enterprise location further including means for performing said at least one action associated with the first enterprise location specified in said at least one rule associated with the first enterprise location; said at least one action being from a group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert; and at least one second telephony appliance associated with the second enterprise location; said at least one second telephony appliance associated with the second enterprise location including means for determining said at least one attribute of the incoming or outgoing call to/from the second enterprise location; said at least one attribute being from said group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; said at least one second telephony appliance associated with the second enterprise location further including means for performing said at least one action associated with the second enterprise location specified in said at least one rule associated with the second enterprise location; said at least one action being from said group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for providing encrypted transport of a call across a public switched telephone network (PSTN) from a first enterprise location to a second enterprise location, said method being implemented between one or more end-user stations located at the first enterprise location and one or more end-user stations located at the second enterprise location, said method comprising the steps of:
-
defining at least one rule associated with the one or more end-user stations located at the first enterprise location; said at least one rule associated with the one or more end-user stations located at the first enterprise location specifying at least one action associated with the first enterprise location to be performed based on at least one attribute of an incoming or outgoing call to/from the first enterprise location; defining at least one rule associated with the one or more end-user stations located at the second enterprise location; said at least one rule associated with the one or more end-user stations located at the second enterprise location specifying at least one action associated with the second enterprise location to be performed based on at least one attribute of the incoming or outgoing call to/from the second enterprise location; determining said at least one attribute of the incoming or outgoing call to/from the first enterprise location; said at least one attribute being from a group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; determining said at least one attribute of the incoming or outgoing call to/from the second enterprise location; said at least one attribute being from a group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; performing said at least one action associated with the first enterprise location and specified in said at least one rule associated with the one or more end-user stations located at the first enterprise location; said at least one action being from a group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert; and performing said at least one action associated with the second enterprise location and specified in said at least one rule associated with the one or more end-user stations located at the second enterprise location; said at least one action being from a group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A method of providing encrypted transport of a call from a first geographically separate location, across a public switched telephone network (PSTN), to a second geographically separate location, said method comprising the steps of:
-
defining one or more rules associated with an incoming or outgoing call to/from one or more end-user stations located at the first geographically separate location; said at least one rule associated with the incoming or outgoing call to/from one or more end-user stations located at the first geographically separate location specifying one or more actions associated with the first geographically separate location to be performed based upon one or more attributes of the incoming or outgoing call to/from the first geographically separate location; said one or more attributes being from a group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; and said one or more actions being from a group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert; defining one or more rules associated with the incoming or outgoing call to/from one or more end-user stations located at the second geographically separate location; said at least one rule associated with the incoming or outgoing call to/from one or more end-user stations located at the second geographically separate location specifying one or more actions associated with the second geographically separate location to be performed based upon one or more attributes of the incoming or outgoing call to/from the second geographically separate location; said one or more attributes being from a group including; the call direction, the call source number, the call destination number, the call type, said call type attribute being defined as one of a voice, fax, or data transfer (modem), the call date, the call time, the call duration, the identifier for the extension or direct connect line carrying the call, the channel through which the call is processed, the start date of the call, the start time of the call, the end date of the call, and the end time of the call; and said one or more actions being from a group including; allowing the call, denying the call, conducting the call in encrypted mode, sending a tone, sending a message, logging the call, generating a report, and providing an alert; determining said one or more attributes of the incoming or outgoing call to/from the first geographically separate location; determining said one or more attributes of the incoming or outgoing call to/from the second geographically separate location; performing said one or more actions associated with the first geographically separate location in accordance with said one or more rules associated with the incoming or outgoing call to/from one or more end-user stations located at the first geographically separate location; and performing said one or more actions associated with the second geographically separate location in accordance with said one or more rules associated with the incoming or outgoing call to/from one or more end-user stations located at the second geographically separate location. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
Specification