Telephony security system

US 8,150,013 B2
Filed: 11/03/2006
Issued: 04/03/2012
Est. Priority Date: 11/10/2000
Status: Active Grant

First Claim

Patent Images

1. A method for centrally monitoring and/or controlling communications between a public packet-switched communications network and an enterprise packet-switched communications network, the method comprising:

centrally configuring at least one rule designating at least one action to be performed based on at least one attribute associated with at least one real-time packet-switched call between the public packet-switched communications network and the enterprise packet-switched communications network;

downloading the at least one rule to an in-line device connected to the enterprise packet-switched communications network, the in-line device collocated or integrated into at least one packet-switched network element selected from the group of packet-switched network elements comprising;

a media gateway, an Internet-Protocol firewall, an Internet-Protocol telephone, a gateway router, a Channel Service Unit, a network hub, and a bridged router;

routing the at least one real-time packet-switched call through the in-line device;

determining, at the in-line device, the at least one attribute associated with the at least one real-time packet-switched call;

generating, at the in-line device, a call event record associated with determining the at least one attribute associated with the at least one real-time packet-switched call;

performing, at the in-line device, the at least one action in accordance with the at least one rule;

generating, at the in-line device, at least one later call event record associated with performing the at least one action in accordance with the at least one rule; and

generating an alert and/or a report based on either the call event record or the at least one later call event record generated in association with the at least one real-time packet-switched call.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of telephony resource management and security for monitoring and/or controlling incoming and outgoing calls between an enterprise'"'"'s end-user stations and a public circuit-switched network and/or a public packet-switched network. A security policy is made up of one or more rules designating at least one action to be performed based on at least one attribute of the incoming or outgoing call. Calls are detected and sensed on the line, trunk and/or cabling, and analyzed to determine attributes associated with each call. Actions are performed based upon the determined attributes, in accordance with the security policy rules.

Citations

20 Claims

1. A method for centrally monitoring and/or controlling communications between a public packet-switched communications network and an enterprise packet-switched communications network, the method comprising:
- centrally configuring at least one rule designating at least one action to be performed based on at least one attribute associated with at least one real-time packet-switched call between the public packet-switched communications network and the enterprise packet-switched communications network;
  
  downloading the at least one rule to an in-line device connected to the enterprise packet-switched communications network, the in-line device collocated or integrated into at least one packet-switched network element selected from the group of packet-switched network elements comprising;
  
  a media gateway, an Internet-Protocol firewall, an Internet-Protocol telephone, a gateway router, a Channel Service Unit, a network hub, and a bridged router;
  
  routing the at least one real-time packet-switched call through the in-line device;
  
  determining, at the in-line device, the at least one attribute associated with the at least one real-time packet-switched call;
  
  generating, at the in-line device, a call event record associated with determining the at least one attribute associated with the at least one real-time packet-switched call;
  
  performing, at the in-line device, the at least one action in accordance with the at least one rule;
  
  generating, at the in-line device, at least one later call event record associated with performing the at least one action in accordance with the at least one rule; and
  
  generating an alert and/or a report based on either the call event record or the at least one later call event record generated in association with the at least one real-time packet-switched call.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the at least one attribute associated with the at least one real-time packet-switched call includes at least one attribute selected from a group of attributes comprising:
    - a call direction;
      
      a call source;
      
      a call destination;
      
      a call type;
      
      a keyword detected in a call content;
      
      a call connect time;
      
      a call start date;
      
      a call start time;
      
      a call end date;
      
      a call end time;
      
      a call duration;
      
      a codec used;
      
      a number of bytes from the call source;
      
      a number of bytes from the call destination;
      
      a number of packets from the call source;
      
      a number of packets from the call destination;
      
      a source transmission rate;
      
      a destination transmissions rate;
      
      a source latency;
      
      a destination latency;
      
      a source jitter;
      
      a destination jitter;
      
      a source packet loss;
      
      a destination packet loss;
      
      a call pattern of interest; and
      
      a total bandwidth used.
  - 3. The method of claim 1, wherein the at least one action performed at the in-line device in accordance with the at least one rule includes at least one action selected from a group of actions comprising:
    - allowing the call;
      
      denying the call;
      
      redirecting the call;
      
      redirecting an in-progress copy of the call;
      
      recording the call content;
      
      encrypting the call;
      
      playing a tone to a called party;
      
      playing a tone to a calling party;
      
      playing a message to the called party;
      
      playing a message to the calling party;
      
      logging the call;
      
      generating a report;
      
      generating an alert;
      
      adjusting a security policy;
      
      monitoring the call content for keywords; and
      
      monitoring the call for patterns of interest.
  - 4. The method of claim 3, wherein the call and/or the in-progress copy of the call is redirected to a peripheral device selected from a group of peripheral devices comprising:
    - a recorder, a listening station, a data network intrusion detection system, a different end-user station source, and a different end-user station destination.
  - 5. The method of claim 3, wherein a management server and/or separate computer system performs at least one action selected from a group of actions comprising:
    - logging the call, recording the call content, monitoring the call content for keywords, monitoring the call for patterns of interest, generating a report, generating an alert, and adjusting the security policy.
  - 6. The method of claim 1, further comprising performing, at the in-line device, at least one additional action responsive to a result from the performing the at least one action in accordance with the at least one rule.

7. A centrally administered system for monitoring and/or controlling communications between a public packet-switched communications network and an enterprise packet-switched communications network, the system comprising:
- a centrally administered database comprising at least one rule designating at least one action to be performed based on at least one attribute associated with at least one real-time packet-switched call;
  
  an in-line device operable to;
  
  determine the at least one attribute associated with the at least one real-time packet-switched call;
  
  generate a call event record associated with determining the at least one attribute associated with the at least one real-time packet-switched call;
  
  perform the at least one action in accordance with the at least one rule;
  
  generate a later call event record associated with performing the at least one action in accordance with the at least one rule;
  
  at least one management server and/or separate computer system operable to generate an alert and/or a report based on the call event record generated in association with the at least one real-time packet-switched call;
  
  wherein the at least one action performed in accordance with the at least one rule includes at least one action selected from a group of actions comprising;
  
  allowing the call;
  
  denying the call;
  
  redirecting the call;
  
  redirecting an in-progress copy of the call;
  
  recording a call content;
  
  encrypting the call;
  
  playing a tone to the called party;
  
  playing a tone to the calling party;
  
  playing a message to the called party;
  
  playing a message to the calling party;
  
  logging the call;
  
  generating a report;
  
  generating an alert;
  
  adjusting a security policy;
  
  monitoring the call content for keywords; and
  
  monitoring the call for patterns of interest;
  
  wherein the in-line device is collocated or integrated into at least one packet-switched network element; and
  
  wherein the at least one packet-switched network element is connected to the enterprise packet-switched communications network.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The system of claim 7, wherein the at least one attribute associated with the at least one real-time packet-switched call is an attribute of two or more packets of the at least one real-time packet-switched call.
  - 9. The system of claim 7, wherein the call and/or the in-progress copy of the call is redirected to a peripheral device selected from a group of peripheral devices comprising:
    - a recorder, a listening station, a data network intrusion detection system, a different end-user station source, and a different end-user station destination.
  - 10. The system of claim 7, wherein the at least one attribute determined by the system includes at least one attribute selected from a group of attributes associated with the at least one real-time packet-switched call comprising:
    - a call direction;
      
      a call source;
      
      a call destination;
      
      a call type;
      
      a keyword detected in the call content;
      
      a call connect time;
      
      a call start date;
      
      a call start time;
      
      a call end date;
      
      a call end time;
      
      a call duration;
      
      a codec used;
      
      a number of bytes from the call source;
      
      a number of bytes from the call destination;
      
      a number of packets from the call source;
      
      a number of packets from the call destination;
      
      a source transmission rate;
      
      a destination transmission rate;
      
      a source latency;
      
      a destination latency;
      
      a source jitter;
      
      a destination jitter;
      
      a source packet loss;
      
      a destination packet loss;
      
      a call pattern of interest; and
      
      a total bandwidth used.
  - 11. The system of claim 7, further comprising at least one additional in-line device connected to the enterprise packet-switched communications network at at least one point of converging communications network signaling.
  - 12. The system of claim 7, wherein the at least one packet-switched network element is selected from a group of packet-switched network elements comprising:
    - a media gateway, an Internet-Protocol firewall, an Internet-Protocol telephone, a gateway router, a Channel Service Unit, a network hub, and a bridged router.
  - 13. The system of claim 7, wherein the at least one rule is associated with at least one telephony resource connected to the enterprise packet-switched communications network.
  - 14. The system of claim 13, wherein the at least one telephony resource is selected from a group of telephony resources comprising:
    - an Internet-Protocol telephone, a media gateway, a call server, and an Internet-Protocol firewall.

15. A method for centrally monitoring and/or controlling communications between a public packet-switched communications network and an enterprise packet-switched communications network, the method comprising:
- collocating or integrating an in-line device into at least one packet-switched network element selected from a group of packet-switched network elements comprising;
  
  a media gateway, an Internet-Protocol firewall, an Internet-Protocol telephone, a gateway router, a Channel Service Unit, a network hub, and a bridged router;
  
  centrally configuring at least one rule designating at least one action to be performed based on at least one call attribute associated with at least one real-time packet-switched call;
  
  downloading the at least one rule to the in-line device;
  
  determining, at the in-line device, the at least one call attribute associated with the at least one real-time packet-switched call;
  
  performing, at the in-line device, the at least one action in accordance with the at least one rule;
  
  performing, at the in-line device, at least one additional action, wherein the at least one additional action is performed responsive to the result from performing the at least one action in accordance with the at least one rule;
  
  wherein the in-line device performs the at least one action and the at least one additional action selected from a group of actions comprising;
  
  allowing the call;
  
  denying the call;
  
  redirecting the call;
  
  redirecting an in-progress copy of the call;
  
  recording the call content;
  
  encrypting the call;
  
  playing a tone to the called party;
  
  playing a tone to the calling party;
  
  playing a message to the called party;
  
  playing a message to the calling party;
  
  logging the call;
  
  generating a report;
  
  generating an alert;
  
  adjusting the security policy;
  
  monitoring the call content for keywords;
  
  monitoring the calls for patterns of interest; and
  
  wherein the at least one packet-switched network element is located within the enterprise packet-switched communications network.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising routing the at least one real-time packet-switched call through the in-line device collocated or integrated into the at least one packet-switched network element.
  - 17. The method of claim 15, wherein the at least one attribute determined at the in-line device includes at least one attribute selected from a group of attributes associated with at least one real-time packet-switched call comprising:
    - a call direction;
      
      a call source;
      
      a call destination;
      
      a call type;
      
      a keyword detected in the call content;
      
      a call connect time;
      
      a call start date;
      
      a call start time;
      
      a call end date;
      
      a call end time;
      
      a call duration;
      
      a codec used;
      
      a number of bytes from the call source;
      
      a number of bytes from the call destination;
      
      a number of packets from the call source;
      
      a number of packets from the call destination;
      
      a source transmission rate;
      
      a destination transmissions rate;
      
      a source latency;
      
      a destination latency;
      
      a source jitter;
      
      a destination jitter;
      
      a source packet loss;
      
      a destination packet loss,a call pattern of interest; and
      
      a total bandwidth used.
  - 18. The method of claim 15, wherein the call and/or the in-progress copy of the call is redirected to a peripheral device selected from a group of peripheral devices comprising:
    - a recorder, a listening station, a data network intrusion detection system, a different end-user station source, and a different end-user station destination.
  - 19. The method of claim 15, wherein a management server and/or separate computer system performs at least one action selected from a group of actions comprising:
    - logging the call, recording the call content, monitoring the call content for keywords, monitoring the calls for patterns of interest, generating a report, generating an alert, and adjusting the security policy.
  - 20. The method of claim 15, further comprising downloading the at least one rule to at least one additional in-line device connected to the enterprise packet-switched communications network at least one point of converging communications network signaling.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SecureLogix Corporation
Original Assignee
SecureLogix Corporation
Inventors
Buntin, David L., Pickens, Keith S., Smith, Kirk E., Collier, Mark D.
Primary Examiner(s)
HONG, HARRY S

Application Number

US11/592,515
Publication Number

US 20070127448A1
Time in Patent Office

1,978 Days
Field of Search

379/112.39, 379/188, 379/189, 379/198, 379/199, 379/200, 379/219, 379/221.15, 379/32.04, 379/93.02, 379/114.14, 379/196, 379/197, 370351-356
US Class Current

379/189
CPC Class Codes

H04L 12/6418 Hybrid transport

Telephony security system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Telephony security system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links