Cloud PBX core
Extensions, ring groups, inbound and outbound routing with trunk failover, weekly business-hours modes and holidays, voicemail with message-waiting indication, IVR audio prompts, and class-of-service dialing controls.
The communications appliance Coming soon
One platform for every conversation, on hardware you own.
A full PBX, integrated call center, carrier trunking, compliant call recording, and live operational visibility — unified in one multi-tenant, standards-based appliance you own and control.
Executive summary
Pentacomm consolidates the systems an organization normally buys separately — a phone system, a contact-center suite, a session border controller, and a call recorder — into a single, self-contained appliance managed from one web console. It runs on your own hardware or private cloud, so calls, recordings, and customer data never leave your control.
Because Pentacomm is multi-tenant at its core, one appliance can serve many departments, sites, or customers in complete isolation. And because it speaks open telecom standards end to end, it interoperates with any SIP carrier and any standards-based phone or browser — with no proprietary lock-in at the protocol layer.
Why it matters
Capabilities
Each area below is production-ready today and managed from the same console, with role-based access for administrators, supervisors, and agents.
Extensions, ring groups, inbound and outbound routing with trunk failover, weekly business-hours modes and holidays, voicemail with message-waiting indication, IVR audio prompts, and class-of-service dialing controls.
Queues and agents, an in-browser WebRTC softphone (no plugins), a live wallboard, supervisor KPI reports and QA scoring, scheduled callbacks, and self-service agent and supervisor portals.
SIP trunks in register, auth, or peer mode with ordered failover and per-trunk caller-ID rules. A hardened media edge terminates SRTP / DTLS so every leg — carrier, desk phone, or browser — is encrypted.
Per-tenant call recording encrypted with dedicated keys. GDPR consent announcements, DTMF opt-out, periodic beep, and supervisor pause / mask keep you on the right side of regulation.
Searchable call-detail records with CSV, XLSX, and PDF export; a real-time dashboard of live calls and registrations; a GDPR-grade audit log; and live diagnostics for operations teams.
Strict per-tenant isolation enforced in the database, role-based access control, TLS throughout, and an offline license bound to the hardware to prevent cloning.
What sets Pentacomm apart
The bottom line
Fewer vendors. Lower cost. Full control of your data — and the compliance evidence to prove it.
Technical architecture
Pentacomm is a layered, single-appliance stack. A SIP proxy handles all signalling at the network edge; a media relay is the sole path for audio, so the media/application server never faces the public network. A REST backend drives configuration and real-time control, and every tenant's data is isolated in the database.
| OpenSIPS | SIP edge — proxy, registrar and load balancer. Terminates SIP-over-UDP/TCP, SIP-TLS and SIP-over-WebSocket (WSS); performs request validation, authentication, per-source flood protection and NAT keepalive. |
|---|---|
| FreeSWITCH | Back-to-back user agent and application server — dialplan, IVR, voicemail, recording and conferencing. Reachable only over the internal loopback; never exposed to the public network. |
| rtpengine | Media edge — the single public RTP/SRTP path for every leg (carrier, desk phone, browser). Terminates DTLS-SRTP and SDES-SRTP; the application server stays on plain RTP behind it. |
| FastAPI backend | REST API and control plane — drives OpenSIPS (MI) and FreeSWITCH (ESL), renders configuration, streams live events, and issues/validates the offline license. |
| Angular frontend | Web admin console plus dedicated agent and supervisor portals, and a browser WebRTC softphone (sip.js) — no plugins or desktop client required. |
| PostgreSQL | System of record with row-level security per tenant and dedicated least-privilege roles for the app, the CDR writer and the recording encryptor. |
| 443 / TCP | HTTPS — admin console, REST API and WebRTC signalling proxy (TLS). |
|---|---|
| 5060 / UDP,TCP | SIP signalling (OpenSIPS), advertising the appliance address. |
| 5061 / TCP | SIP-TLS for native encrypted desk phones (IANA sips port). |
| 7443 / TCP | SIP-over-WebSocket Secure (WSS) for browser softphones. |
| 30000–30499 / UDP | RTP / SRTP media range served by rtpengine for every call leg. |
| Base OS | Debian 13 (Trixie) appliance — bare-metal, VM or private cloud. |
|---|---|
| Delivery | Native Debian packages via a managed apt channel; a single install brings up the whole stack. |
| Data store | PostgreSQL (row-level security); separate database for voicemail/recording metadata. |
| Codecs | G.711 (A-law / µ-law), G.722, G.729 and Opus for audio; VP8 / H.264 for video paths. |
| Endpoints | Browser WebRTC softphone (sip.js) on desktop and mobile browsers; standards-based desk phones and SIP softphones over SIP-TLS. |
| Releases | Semantic-versioned, CI-gated builds validated by an automated SIP call-flow suite. |
Product roadmap
The platform evolves on a published roadmap. The following capabilities are in active development, building on the same standards-based foundation.
A drag-and-drop call-flow builder — design menus, prompts, business-hours branches, queue and voicemail targets on a visual canvas, with no scripting. Publishes straight to the live dialplan.
Classic menu-driven auto-attendant — multi-level DTMF menus, time-of-day routing, prompt playback and directed call handling, configured from the same console.
Multi-party audio conferencing with PIN-protected rooms, moderator controls (mute, kick, lock) and scheduled or ad-hoc bridges — secured by the same SRTP media edge.
Conversational, natural-language self-service — speech-to-text, intent understanding and text-to-speech let callers be routed and served by voice, with graceful hand-off to a live agent.
Who it is for
Deployment & operations
See Pentacomm running on a live appliance and PentaPhone registered against it — or against your existing SIP platform. Talk to us about a proof-of-concept, licensing, and deployment.
Talk to us