CryptoPhone CP600G

CPIP Server System

The GSMK CryptoPhone IP server system allows you to run private, self-hosted CryptoPhone networks with on-premise call switching systems.

Protected Encrypted Communication

GSMK CryptoPhone IP servers exclusively provide private call switching and presence services. They are not involved in the call and message encryption process since communication between GSMK CryptoPhones is always end-to-end encrypted. All voice and message encryption functionality resides exclusively on the users’ phones. This ensures that even if a GSMK CryptoPhone IP server is captured by hostile elements, it remains impossible to compromise the security of encrypted communications.

Maximum Reliability

Each CryptoPhone IP server element is scalable to multiple hardware nodes per element. GSMK CryptoPhone infrastructure elements are implemented in Erlang to achieve true carrier-grade reliability, scalability and redundancy.

CryptoPhone IP server systems are scalable from small groups to very large corporate and government-wide systems capable of serving hundreds of thousands of simultaneous encrypted calls.

All system state is held in a distributed database that can be spread over multiple hosts via VPN interconnects to provide maximum reliability, allowing clients to build distributed private, fault-tolerant, non-stop CryptoPhone IP networks. Changes to a running server can be made at runtime without stopping productive operations, so updates do not interrupt communications.

Features

The presence server keeps in regular contact with all GSMK CryptoPhone end user devices registered on the private network to ensure reachability, regardless of how and where each CryptoPhone connects to the network.

In this capacity, the presence server functions as the point of contact between individual CryptoPhones. When one CryptoPhone calls another CryptoPhone that is registered with a particular presence server, the server checks whether the called phone is online and notifies that phone of the incoming call. When the call is picked up, the presence server requests a trunk connection at the trunk server and hands over the trunk information to both calling and called party.

The trunk server connects the end-to-end encrypted data streams of two GSMK CryptoPhones, as directed by the presence server. Its sole purpose is setting up and maintaining this connection until one of the parties hangs up. Trunks have different types, for messages and for streaming data.

Administration of a private server infrastructure is straightforward and accomplished via a web-based user interface. Administrators can add and remove users to and from the private network either manually or based on individually configured rule sets.

All administrative functions only control access to the private network. By design, GSMK CryptoPhone IP servers exclusively perform call and message routing functions, completely independent from and without any information about the encryption processes performed by the individual phones.

Deployment options include 19” rack-mounted servers for deployment in data centers as well as 19”/2 ruggedized, MIL-STD-810F & MIL-STD-461E compliant servers for mobile deployment in extreme environments.

Backhaul options: The GSMK CryptoPhone server system supports a wide range of backhaul connections - from high-speed fixed-line Ethernet satellite and/or terrestrial wireless IP data links for land-mobile and naval applications.

Scalability options: Available in configurations from small yet fully redundant stand-alone systems for small groups to distributed, fault-tolerant server networks for CryptoPhone IP mass deployments throughout large organizations.

Configurability: Freely configurable levels of isolation from walled-off private networks to IP PBX integration with virtual extensions.

Optional accessories for private server systems include IP54, MIL-STD-810F and MIL-STD-461E compliant uninterruptible power supplies as well as shock and vibration-absorbing mounts with passive cooling for mobile deployment in conjunction with tactical wireless network systems.

The CryptoPhone Group Manager provides centralized management of secure contacts and call groups for a private fleet of CryptoPhone mobile and desktop devices. It allows administrators to compartmentalize an existing private infrastructure and set up closed user groups by defining individual signaling permissions in a way that reflects an organization’s communication structures.

As a software solution with a browser-based frontend, the Group Manager is easy to use and runs in your private CryptoPhone infrastructure, hosted on your own servers.