Videoconferencing provides a convenient way for users in distant locations to participate in a face-to-face meeting, without having to spend time and money traveling to a central meeting site. Many prior videoconferencing systems have been based on circuit switched Integrated Services Digital Networks (ISDN) standards. ISDN lines typically offer guaranteed quality of service, with specialized lines having high transmission rates. This enables high-quality video and audio signals to be delivered to the conferencing participants. However, ISDN videoconferencing is extremely expensive, because ISDN lines are costly to install and lease, and because specialized hardware is required at the sites of the users. Because of this expense, ISDN videoconferencing systems are typically offered in a specialized videoconferencing room, rather than at each desktop computer of each employee in an enterprise. In addition, ISDN can be complicated to set up, and unreliable. ISDN calls on average take more than 10 minutes to set-up, and greater than 10% of calls are dropped without being completed.
Recently, another approach to videoconferencing has emerged for use on packet-switched Internet Protocol (IP) networks, using the H.323 and Session Initiation Protocol (SIP) standards. H.323 is a standard approved by the International Telecommunication Union (ITU) in 1996 to promote compatibility in videoconference transmissions over IP networks. SIP is a proposed Internet Engineering Task Force (IETF) standard for multimedia communication over IP networks.
Videoconferencing over IP networks has a number of fundamental problems, including security, bandwidth utilization, quality of service, and deployment and management. Regarding security, H.323 and SIP are difficult to implement with current firewalls. The difficulty lies in the fact that H.323 and SIP are complex protocols and use multiple dynamically allocated ports for each call. Because of the heavy use of dynamically allocated ports, it is not possible to preconfigure firewalls to allow SIP- or H.323-signaled traffic without opening up large numbers of holes in the firewall. This represents a more lax firewall policy than would be acceptable at most enterprises. In addition, SIP or H.323 video endpoints behind a firewall typically cannot receive calls from external parties due to firewall policies in place at most enterprises.
Many enterprises also deploy Network Address Translation (NAT) devices, often implemented as part of a firewall application, to connect the enterprise network having private IP unregistered addresses to a public IP network with globally unique registered addresses. NAT is generally used for two purposes: 1) as a mechanism to work around the problem of IPv4 address space depletion, and 2) for security purposes (to hide internal IP addressing policy from outside entities. A NAT device rewrites IP headers as packets pass through the device. The NAT device maintains a table of mappings between IP addresses and port numbers. The problem with sending H.323 and SIP traffic through a NAT device is that these protocols make heavy use of embedded IP addresses, while normal data traffic contain IP address in the header of each packet. While configuring a NAT to rewrite packet headers to change addresses is relatively straightforward, it is very difficult to configure a NAT to translate addresses that are embedded in H.323 and SIP traffic, because the location of these address in these data stream is difficult to calculate.
Regarding bandwidth utilization, in order to achieve a quality sufficient for business videoconferencing, a minimum of 384 Kbps bandwidth is generally required per videoconferencing participant. Multiple users simultaneously engaged in videoconferencing applications may use up available bandwidth on a local area network (LAN), slowing down other critical network operations. Current systems do not allow a network administrator to control easily the bandwidth usage of multiple network users. Therefore, network administrators are reluctant to deploy videoconferencing systems.
Regarding quality of service, typical IP networks do not provide guaranteed transmission speeds for videoconferencing data. Videoconferencing data generally is indistinguishable from other data on IP networks, such as email and web page data. Data on IP networks may be delayed due to network congestion. While small delays are generally not a problem for less time sensitive data such as email, it can severely affect picture and audio quality for videoconference participants.
The above discussed issues lead to another problem with current videoconferencing systems, namely, that enterprises cannot easily outsource videoconferencing services to outside service providers. Currently, service providers are not able to cost-effectively provide videoconferencing services to a large number of subscribers, because specialized equipment must be deployed or existing equipment must be upgraded at every subscriber site. This results in an expensive up-front capital investment as well as significant operational expenses for the service provider. Up-front equipment installations take time at each subscriber, resulting in a slow deployment of the videoconferencing capabilities to subscribers. In addition, the high up-front costs result in decreased service provider profit margins. It is difficult to grow such a service because each subscriber adds to an incremental growth in the capital equipment pool because these resources are not shared.
Because of the cost and reliability issues with ISDN, and because of the security, bandwidth utilization, quality of service, and deployment and management issues with H.323 and SIP, it is difficult for the average enterprise to upgrade and customize its network to enable videoconferencing. In addition, it is difficult for service providers to cost-effectively provide an outsourced videoconferencing service on a per-subscriber basis. Thus there exists a need for a videoconferencing system, method, and device for delivering secure, high-quality videoconferencing services over an IP network to multiple enterprise subscribers in a manner that does not require expensive upgrading and customization of the enterprise network.