Private IP communications systems, such as private IP telephony systems, typically comprise a communications server connected to an external communications network, such as a public switched telephone network (PSTN), and a private data network (i.e. a converged IP network). IP endpoints, such as IP telephones (e.g., Avaya Call Manger Definity™ products), are connected to the private data network and provide for IP communications under the control of the communications server. In addition to the IP endpoints used in connection with communications, a customer's private data network typically includes data processing and storage components, such as server computers, client computers and network storage devices. Thus, giving a third party access to the customer's private data network so the third party has access to the IP endpoints, such as for support and troubleshooting of the IP communications system, increases security risks associated with the private data network. Since the third party does not typically need access to the private data network except for limited actions related to communicating with the IP endpoints, the increased security risks are typically not warranted. Furthermore, access to customer devices on the private data network other than the IP endpoints and other components provided as part of the private IP communications system is not necessary for the third party to support and troubleshoot the customer's IP communications system. Thus, the risk of accidental or intentional actions that may damage the private data network should be minimized by limiting the third party's access to only the portions of the network that the third party actually needs to access.
While the third party would typically have access to a communications server attached to an external communications network, the communications server is also typically isolated from the customer's private data network. For example, since the communications server controls sensitive communications such as 911 emergency calls, the communications server is usually isolated from the private data network to prohibit access to the communications server from users of the private data network.
Thus, when the customer's communications system requires support or troubleshooting of the IP endpoints located on the customer's private data network, the third party must send a technician to the location of the private data network. The technician is assigned an IP address and connects to the private data network to access the IP endpoints. The technician, for example, may utilize a maintenance information bulletin (MIB) browser to read configuration or operating information from the IP endpoints. After the technician has collected the required information, the technician typically disconnects from the private data network, establishes a remote connection with the third party's network and forwards the retrieved information back to the third party for analysis.