Overview

PBXControl enables technicians to reach and connect remote PBXs through the configuration serial port or a LAN port. The system supports the necessary protocols to run all known configuration packages remotely including those specifically written to run only on a direct local serial link. There's no operational difference between accessing a remote PBX using PBXControl or traveling to the PBX's location for a local cable access since all functionalities are available right out of the box to the maintenance tool.

In a typical scenario, a PBX is connected to an InfraNode hardware controller through its configuration serial port. The InfraNode is able to connect an InfraReachServer using multiple paths, both IN-BAND and OUT-OF-BAND, depending on its configuration: normally, the InfraNode will work IN-BAND, reaching the InfraReachServer via the corporate LAN and/or the internet . Optionally an InfraGate can be deployed in parallel with the firewall to serve as a high encryption dedicated gateway only for the purpose of the InfraReach connection, thus avoiding any re-configuration of the company's security setup.

In addition to the normal network connection, the InfraNode can be configured to use an OUT-OF-BAND PSTN dial-up connection to an internet service provider (ISP) or a GSM/GPRS connection as an emergency backup of the existing connectivity. Once connected to the InfraReachServer, the InfraNode authenticates itself using the IP Power Technologies Security Standard that guarantees verification of the identity of the controller and a safe exchange of session keys.

On the other side, the technician's PC is running the InfraClient software that, using a 1024-bit RSA key, stored on a scrambled pass-phrase protected file nornally located on a removable USB memory device, is able to reach the InfraReachServer and authenticate with it just like the InfraNode does.

After both sides have successfully authenticated themself with the InfraReachServer, a secure tunnel is established over a direct IP connection between the InfraClient and the InfraNode, no matter what kind of connectivity is used between them (the Internet or a Local LAN ).

At this point, in case of a serial remote connection, a virtual serial port is created inside the technician's PC: this port is mapped, through the secure IP tunnel, to the PBX's serial configuration port and any command sent to the virtual port is automatically forwarded to the remote serial port of the PBX. This way, any maintenance tool is able to securely reach and operate the remote PBX by selecting the virtual serial port as the port the tool will operate from.

Access to the remote PBX's ethernet port is just as easy: the only difference will be the creation, on the technician's PC, of a virtual network interface instead of a virtual serial port and the remote PBX will be reachable by the maintenance tool through the encrypted IP tunnel cheated ad hoc for this connection.

Step-by-step to secure remote maintenance

To the user, performing a maintenance session on a remote PBX using PBXControl requires some very simple steps:

	1. The user navigates with his browser to the address of the InfraReachServer and logs in. The InfraReachServer's web interface shows a list of remote devices the user has rights to access. Overall, the web interface is as easy to use as a usual web site or portal.
	2. Near to the name of the remote PBX he wants to access, the user clicks the "Connect to this PBX" link. The virtual serial port is transparently created in the background.
	3. No additional operations are usually required to the user: any serial (or network in case of connection to the PBX's ethernet port) maintenance tool can be used on the virtual port just as if the connection were established locally using a cable.

The advantages of this approach are multiple: first, the connection to the remote PBX is completely automated and secure: the login procedure is usualy performed by the InfraReachServer via the InfraNode. In addition, all devices are managed centrally making it easier than ever to maintain any large TLC infrastructure. Access mode is fully customizable allowing the user to choose the most appropriate tool for every different PBX.

PBXControl also supports a complete range of alarming functionalities triggering selected events as they happen. Any fault is immediately tracked by the InfraNode connected to the PBX and all collected data is sent to the InfraReachServer where all details about the state of health of the device are available.

This functionality is key to prevent critical or even dangerous situations by making technicians aware of the incoming problem on time thanks to the prompt alarm notification done via email or even SMS: a fine-grained configuration of the alarm reaction is available on a customizable alarm severity basis.

By connecting to the InfraReachServer with his Internet browser, the user has immediate visibility on the state of health of the monitored PBXes. In addition, a complete history of the alarms is available along with a detailed view of each alarm. The technician can also handle each single alarm or groups of alarms and store and track all the intervention made to solve the fault. This means auditing and control easy and reliable.