System and method for enabling communication sessions in a network environment
Abstract
A method is provided in one example implementation and the method includes receiving a query for a policy (e.g., a multi-media session) that pertains to a selected one of first and second endpoints. Each endpoint interfaces with their respective session initiation protocol entity, which interacts with a session border controller (SBC). The method further includes negotiating credentials via a policy element and a selected SBC and determining, via a selected policy within the policy element, whether a requested communication session is prohibited or conducted between the endpoints. In more specific embodiments, each SBC makes a mapping between signaling entity information and pre-configured SBC virtual private network (VPN) information used for dynamic configuration of the communication session, and wherein a SIP [or other communication protocol] adjacency configuration is created, where adjacency characteristics are defined for each enterprise in which the endpoints reside.
19 Claims
1. An apparatus, comprising:
a policy element operable to receive a query for a policy that pertains to a selected one of first and second endpoints, wherein the first and second endpoints are two distinct entities, each endpoint being associated with a virtual private network (VPN), wherein the VPNs are disjointed, wherein interaction occurs between a session border controller (SBC) and a session initiation protocol (SIP) signaling entity, wherein each SBC makes a mapping between signaling entity information and pre-configured SBC VPN information, wherein credential negotiation occurs between the policy element and the SBC such that a selected policy within the policy element determines that a requested communication session is conducted between the endpoints, wherein the pre-configured SBC VPN information is used for dynamic policy configuration of the communication session, and wherein a local database is checked for a log of an existing call and for a prior configuration between the endpoints.
14. A method, comprising:
receiving a query for a policy that pertains to a selected one of first and second endpoints, wherein interaction occurs between a session initiation protocol (SIP) entity and a session border controller (SBC), and wherein the first and second endpoints are two distinct entities, each endpoint being associated with a virtual private network (VPN), wherein the VPNs are disjointed, and wherein each SBC makes a mapping between signaling entity information and pre-configured SBC VPN information;
negotiating credentials via a policy element and a selected SBC;
determining via a selected policy within the policy element whether a requested communication session is prohibited or conducted between the endpoints, wherein the pre-configured SBC VPN information is used for dynamic policy configuration of the communication session if the communication session is conducted; and
evaluating a local database for a log of an existing call and for a prior configuration between the endpoints, and wherein if an entry exists for the existing call, an expire timer is reset and the requested communication session is authorized.
16. Logic encoded in one or more non-transitory tangible media for execution and when executed by a processor operable to:
receive a query for a policy that pertains to a selected one of first and second endpoints, each endpoint being associated with a virtual private network (VPN), wherein the VPNs are disjointed, wherein interaction occurs between a session initiation protocol entity and a session border controller (SBC), and wherein the first and second endpoints are two distinct entities, and wherein each SBC makes a mapping between signaling entity information and pre-configured SBC VPN information;
negotiate credentials via a policy element and a selected SBC;
determine via a selected policy within the policy element whether a requested communication session is prohibited or conducted between the endpoints, wherein the pre-configured SBC VPN information is used for dynamic policy configuration of the communication session if the communication session is conducted; and
evaluate a local database for a log of an existing call and for a prior configuration between the endpoints, and wherein if an entry exists for the existing call, an expire timer is reset and the requested communication session is authorized.
19. A system, comprising:
means for receiving a query for a policy that pertains to a selected one of first and second endpoints, wherein interaction occurs between a session initiation protocol (SIP) entity and a session border controller (SBC), and wherein the first and second endpoints are two distinct entities that belong to two different enterprises, each endpoint being associated with a virtual private network (VPN), wherein the VPNs are disjointed;
means for negotiating credentials via a policy element and a selected SBC;
means for determining via a selected policy within the policy element whether a requested communication session is prohibited or conducted between the endpoints, wherein each SBC makes a mapping between signaling entity information and pre-configured SBC VPN information used for dynamic policy configuration of the communication session, and wherein a SIP adjacency configuration is created, where adjacency characteristics are defined for each enterprise in which the endpoints reside; and
means for evaluating a local database for a log of an existing call and for a prior configuration between the endpoints, and wherein if an entry exists for the existing call, an expire timer is reset and the requested communication session is authorized.