System and method for enabling VPN-less session setup for connecting mobile data devices to an enterprise data network
Abstract
A mobile application gateway configured to interconnect mobile communication devices on a cellular network with an enterprise network is provided. The mobile application gateway includes a voice and data signaling gateway configured to provide routing functionalities, service functionalities and admission control. A gateway GPRS support node (GGSN) is configured to establish a secure data session between one or more of the mobile communication devices and the enterprise network by establishing a GPRS tunneling protocol (GTP) tunnel between a carrier-hosted serving GPRS support node (SGSN) and the GGSN.
10 Citations
14 Claims
1. A method for provisioning a data service in a telecommunications network, comprising:
receiving, by a first gateway server a request to invoke a data session issued by a mobile terminal;
responsive to receiving the request, forwarding the request to a second gateway server, via a data network, deployed in an enterprise network;
establishing a secure tunnel between the first gateway server and the second gateway server, wherein the secure tunnel supports selectable security and encryption specific to requirements of the enterprise network;
transmitting data of the data session to the enterprise network;
identifying, by the first gateway server, the enterprise network based on identified information corresponding to the mobile terminal; and
deploying the second gateway server in the enterprise network and interfacing with the first gateway server via an Internet Protocol connection which is deployed in a cellular network;
wherein the mobile terminal is subjected to a data policy of the enterprise network irrespective of a location of the mobile terminal.
8. A system for provisioning a data service in a telecommunications network, the system comprising:
a cellular network including a first gateway server configured to receive a request to invoke a data session issued by a mobile terminal of the cellular network; and
an enterprise network including a second gateway server, wherein the first gateway server, responsive to receiving the request, identifies the enterprise network and forwards the request via a data network to the second gateway server, wherein a secure tunnel is established between the first gateway server and the second gateway server, wherein the secure tunnel may support selectable security and encryption specific to requirements of the enterprise network, and wherein data of the data session is transmitted to the enterprise network, wherein the first gateway server identifies the enterprise network based on identified information corresponding to the mobile terminal, and wherein the second gateway server is deployed in the enterprise network and interfaces with the first gateway server via an Internet Protocol connection which is deployed in the cellular network; and
wherein the mobile terminal is subjected to a data policy of the enterprise network irrespective of a location of the mobile terminal.
14. A system configured to interconnect mobile communication devices on a cellular network with an enterprise network, comprising:
a voice and data signaling gateway configured to provide routing functionalities, service functionalities and admission control; and
a home agent configured to establish a secure data session between a mobile terminal and the enterprise network by establishing a secure tunneling protocol between a carrier-hosted serving foreign agent and the home agent, wherein the secure tunneling protocol is established for the mobile terminal in response to receipt of a request to invoke a data session issued by the mobile terminal, wherein a first gateway server deployed in the cellular network identifies the enterprise network, responsive thereto, forwards the request to a second gateway server that is Internet Protocol interfaced with the first gateway server deployed in the enterprise network, wherein a secure tunnel is established between the first gateway server and the second gateway server, wherein the secure tunnel may support selectable security and encryption specific to requirements of the enterprise network, wherein the first gateway server identifies the enterprise network based on identified information corresponding to the mobile terminal, and wherein the second gateway server is deployed in the enterprise network and interfaces with the first gateway server via an Internet Protocol connection which is deployed in the cellular network; and
wherein the mobile terminal is subjected to a data policy of the enterprise network irrespective of a location of the mobile terminal.
Specification