Intelligent switching for secure and reliable voice-over-IP PBX service
First Claim
1. A switching apparatus for selectably switching packetized traffic between a first and a second authenticated communication device connected to the switching apparatus via communication ports of the switching apparatus, said packetized traffic including call control packet traffic processable for establishing a voice-related call session between the first and second authenticated communication devices and medium packet traffic indicative of digitized voice data, the switching apparatus comprising:
- a multi-layer switch that performs;
(a) rate policing call control packet traffic received from the first authenticated communication device, wherein a call session is established between the first and second authenticated communication devices through the multi-layer switch based on the call control packet traffic in response to the multi-layer switch determining that a data rate of the call control packet traffic is below a prescribed data rate threshold; and
(b) splitting medium packet traffic communicated from the first authenticated communication device towards the second authenticated communication device via the multi-layer switch during an established call session between the first and second authenticated communication devices, into a first call segment and a second call segment wherein, said splitting of medium packet traffic includes the multi-layer switch performing at least Layer-3 processing of said medium packet traffic such that the first call segment is configured to originate from said first authenticated communication device and terminate at said multi-layer switch, and the second call segment is configured to originate from said multi-layer switch and terminate at said second authenticated communication device;
wherein packetized traffic received by the multi-layer switch during the established call session between the authenticated first and second communication devices is processed by an ingress filter of the multi-layer switch based on at least one switching rule that allows only voice-related call control packet traffic and medium packet traffic received from at least one of the first and second authenticated communication devices, the packetized traffic is processed to be onwardly switched between the first and second authenticated communication devices via the multi-layer switch while restricting non-voice related packetized traffic from being communicated between the first and second authenticated communication devices via the multi-layer switch, and said at least one switching rule allowed automatic activation in response to establishment of the call session and automatic deactivation in response to termination of the call session.
1 Assignment
0 Petitions
Accused Products
Abstract
A switching apparatus for switching packetized voice traffic between a plurality of communication devices, the switching apparatus comprises a multi-layer switch, a plurality of communication ports, control means and ingress processing means, said packetized voice traffic comprises call control packets and medium packets which are exchanged between the communication devices via said communication ports, wherein medium packet traffic from a first communication device to a second communication device is split into a first call segment and a second call segment, the first call segment originates from said first communication devices and terminates at said switching apparatus, the second call segment originates from said switching apparatus and terminates at said second communication device, each medium packet from said first communication device is processed by said ingress processing means of said switching apparatus before onward transmission to said second communication device.
39 Citations
20 Claims
-
1. A switching apparatus for selectably switching packetized traffic between a first and a second authenticated communication device connected to the switching apparatus via communication ports of the switching apparatus, said packetized traffic including call control packet traffic processable for establishing a voice-related call session between the first and second authenticated communication devices and medium packet traffic indicative of digitized voice data, the switching apparatus comprising:
-
a multi-layer switch that performs; (a) rate policing call control packet traffic received from the first authenticated communication device, wherein a call session is established between the first and second authenticated communication devices through the multi-layer switch based on the call control packet traffic in response to the multi-layer switch determining that a data rate of the call control packet traffic is below a prescribed data rate threshold; and (b) splitting medium packet traffic communicated from the first authenticated communication device towards the second authenticated communication device via the multi-layer switch during an established call session between the first and second authenticated communication devices, into a first call segment and a second call segment wherein, said splitting of medium packet traffic includes the multi-layer switch performing at least Layer-3 processing of said medium packet traffic such that the first call segment is configured to originate from said first authenticated communication device and terminate at said multi-layer switch, and the second call segment is configured to originate from said multi-layer switch and terminate at said second authenticated communication device; wherein packetized traffic received by the multi-layer switch during the established call session between the authenticated first and second communication devices is processed by an ingress filter of the multi-layer switch based on at least one switching rule that allows only voice-related call control packet traffic and medium packet traffic received from at least one of the first and second authenticated communication devices, the packetized traffic is processed to be onwardly switched between the first and second authenticated communication devices via the multi-layer switch while restricting non-voice related packetized traffic from being communicated between the first and second authenticated communication devices via the multi-layer switch, and said at least one switching rule allowed automatic activation in response to establishment of the call session and automatic deactivation in response to termination of the call session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of selectably switching packetized traffic from a first authenticated communication device to a second authenticated communication device via an intermediate multi-layer switching apparatus, said packetized traffic including call control packet traffic processable by the intermediate multi-layer switching apparatus to establish a voice-related call session between the first and second authenticated communication devices and medium packet traffic indicative of digitized voice data, said method including the steps of:
-
(i) establishing a call session between the first and second authenticated communication devices via the intermediate multi-layer switching apparatus based on call control packet traffic received from the first authenticated communication device where the intermediate multi-layer switching apparatus determines that a data rate of said call control packet traffic is below a prescribed data rate threshold; and (ii) splitting medium packet traffic communicated from the first authenticated communication device towards the second authenticated communication device via the intermediate multi-layer switching apparatus during the established call session between the first and second authenticated communication devices, into a first call segment and a second call segment wherein said splitting of medium packet traffic includes performing at least Layer-3 processing of said medium packet traffic such that the first call segment is configured to originate from said first authenticated communication device and terminate at said intermediate multi-layer switching apparatus, and the second call segment is configured to originate from said intermediate multi-layer switching apparatus and terminate at said second authenticated communication device, wherein packetized traffic received by the multi-layer switch during the established call session between the authenticated first and second communication devices is processed by an ingress filter of the multi-layer switch based on at least one switching rule that allows only voice-related call control packet traffic and medium packet traffic received from the first and/or second authenticated communication devices, the packetized traffic is processed to be onwardly switched between the first and second authenticated communication devices via the multi-layer switch while restricting non-voice related packetized traffic from being communicated between the first and second authenticated communication devices via the multi-layer switch, and said at least one switching rule allowed automatic activation in response to establishment of the call session and automatic deactivation in response to termination of the call session.
-
Specification