Inspection of data channels and recording of media streams

US2016134659A1 · US · A1

Patent metadata

Publication number: US-2016134659-A1
Application number: US-201414537336-A
Country: US
Kind code: A1
Filing date: Nov 10, 2014
Priority date: Nov 10, 2014
Publication date: May 12, 2016
Grant date: none shown (A1 is a pre-grant publication)

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

In one implementation, communication between two or more endpoints or client devices uses a peer-to-peer, browser-based, real-time communication protocol. One example of such a protocol is Web Real-Time Communication (WebRTC). An intermediary device receives, from a first endpoint, a request for communication with a second endpoint using the browser-based real-time communication protocol. The intermediary device identifies a control protocol based on the request for communication, and receives one or more write keys from the first endpoint. The intermediary device monitors communication between the first endpoint and the second endpoint using the one or more write keys. Examples of intermediary devices include servers, firewalls, and other network devices.

Claims

Claim text as published (all 20 claims; claims 1, 12, 19 and 20 are independent).

We claim:

1. A method comprising: receiving, from a first endpoint, a request for communication with a second endpoint, using browser based real time communication; identifying, using a processor, a control protocol based on the request for communication; receiving one or more write keys from the first endpoint; and monitoring, using the processor, communication between the first endpoint and the second endpoint using the one or more write keys.

2. The method of claim 1, further comprising: enforcing a security policy on the communication between the first endpoint and the second endpoint.

3. The method of claim 2, wherein the security policy includes the identification or removal of malicious packets or malicious software.

4. The method of claim 2, wherein the security policy includes recording or forwarding the communication between the first endpoint and the second endpoint.

5. The method of claim 2, wherein the security policy includes filtering data based on the type of data or content of the communication between the first endpoint and the second endpoint.

6. The method of claim 1, further comprising: generating a key request listing the control protocol; and sending the key request to the first endpoint.

7. The method of claim 6, wherein the control protocol is port control protocol (PCP) and the key request is included in a PCP option of a MAP or PEER response.

8. The method of claim 6, wherein the control protocol is a traversal around relays using network address translation (TURN) protocol and the key request is included in a session traversal utilities for network address translation (STUN) attribute of a permission response.

9. The method of claim 6, further comprising: starting a timer in response to the key request, wherein the communication between the first endpoint and the second endpoint is blocked if the one or more write keys from the first endpoint are not received before the timer reaches a predetermined time period or if the key request is declined.

10. The method of claim 1, further comprising: identifying a subsequent negotiation between the first endpoint and the second endpoint; and determining whether one or more write keys have been received that correspond to the subsequent negotiation between the first endpoint and the second endpoint.

11. The method of claim 1, wherein receiving one or more write keys from the first endpoint further comprises: receiving a first write key for a media channel; and receiving a second write key for a data channel.

12. An apparatus comprising: a communication interface configured to receive, from a first endpoint, a request for communication with a second endpoint, using browser based real time communication; and a processor configured to identify a control protocol based on the request for communication and monitor communication between the first endpoint and the second endpoint using one or more write keys received from the first endpoint.

13. The apparatus of claim 12, wherein the processor is configured to enforce a security policy on the communication between the first endpoint and the second endpoint.

14. The apparatus of claim 13, wherein the security policy requires portions of the communication between the first endpoint and the second endpoint to be recorded.

15. The apparatus of claim 13, wherein the security policy includes the identification or removal of malicious packets or malicious software.

16. The apparatus of claim 13, wherein the security policy includes filtering data based on the type of data or content of the communication between the first endpoint and the second endpoint.

17. The apparatus of claim 12, wherein the processor is configured to generate a key request for the first endpoint and the key request lists the control protocol.

18. The apparatus of claim 17, wherein the processor is configured to start a timer in response to the key request, wherein the communication between the first endpoint and the second endpoint is blocked if the one or more write keys from the first endpoint are not received before the timer reaches a predetermined time period.

19. A method comprising: sending, from a first endpoint, a communication initiation message with a second endpoint, using browser based real time communication; receiving, from an intermediary device, a request to advertise write keys in response to the communication initiation message; sending one or more write keys in response to the request to advertise write keys; and sending communications to a second endpoint, wherein the communications are monitored by the intermediary device using the one or more write keys.

20. An apparatus comprising: a processor; and a memory storing instructions that when executed are configured to cause the processor to: generate a communication initiation message from a first endpoint to a second endpoint, using browser based real time communication; receive, from an intermediary device, a request to advertise write keys in response to the communication initiation message; send one or more write keys in response to the request to advertise write keys; and send communication to a second endpoint, wherein the communication is checked under a security policy by the intermediary device using the one or more write keys.
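The abstract and claims 1 to 11 and 19 describe one exchange: the intermediary sees the endpoint's TURN permission request or PCP MAP/PEER request, answers with a key request carried in a STUN attribute or PCP option, starts a timer, and blocks the flow if the write keys do not arrive or the request is declined; once it holds the per-channel write keys it decrypts the first endpoint's traffic, applies policy and records it, and after a renegotiation it requires keys that match the new negotiation. The following is an added example, not code from the patent or from Cisco, that models that exchange end to end. The message shapes, the name KEY_REQUEST, the 5 second timer, the media and data channel names and the HMAC-based toy cipher standing in for SRTP/DTLS are all assumptions made here for illustration.

```python
# Added example, not the patent's or Cisco's code: a model of the write-key
# advertisement exchange in claims 1-11 and 19. The message shapes, the name
# KEY_REQUEST, the 5 s timer and the toy cipher are assumptions for illustration.
import hashlib
import hmac
import os
from dataclasses import dataclass, field

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode cipher (HMAC-SHA256 keystream) standing in for SRTP's
    AES-CTR: symmetric, so the sender's write key decrypts everything it sends."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, nonce + (off // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], ks))
    return bytes(out)

@dataclass
class Flow:
    control_protocol: str                 # identified from the request (claim 1)
    key_request_time: float               # timer start (claims 9, 18)
    negotiation: int = 0                  # bumped on renegotiation (claim 10)
    keys: dict = field(default_factory=dict)      # (channel, negotiation) -> key
    blocked: bool = False
    recorded: list = field(default_factory=list)  # decrypted payloads (claims 4, 14)

class Intermediary:
    KEY_TIMEOUT = 5.0
    BLOCKED_TERMS = (b"EXFIL",)           # stand-in for a content policy (claims 3, 5)
    CARRIERS = {"MAP": ("PCP", "pcp_option"), "PEER": ("PCP", "pcp_option"),
                "CreatePermission": ("TURN", "stun_attribute")}

    def __init__(self):
        self.flows = {}

    def on_request(self, flow_id, request, now):
        """Identify the control protocol and answer with a key request (claims 6-8)."""
        proto, carrier = self.CARRIERS[request["type"]]
        self.flows[flow_id] = Flow(proto, now)
        return {"type": request["type"] + "-response",
                carrier: {"name": "KEY_REQUEST", "negotiation": 0}}

    def on_key_advertisement(self, flow_id, adv, now):
        flow = self.flows[flow_id]
        if adv.get("declined") or now - flow.key_request_time > self.KEY_TIMEOUT:
            flow.blocked = True           # declined or late: block the flow (claim 9)
            return "blocked"
        flow.keys[(adv["channel"], adv["negotiation"])] = adv["key"]
        return "accepted"

    def on_renegotiation(self, flow_id, now):
        """A new offer/answer means new keys; earlier keys no longer count (claim 10)."""
        flow = self.flows[flow_id]
        flow.negotiation += 1
        flow.key_request_time = now

    def on_packet(self, flow_id, channel, nonce, ciphertext, now):
        flow = self.flows[flow_id]
        if flow.blocked:
            return "drop"
        key = flow.keys.get((channel, flow.negotiation))
        if key is None:                   # no key for this negotiation yet
            flow.blocked = now - flow.key_request_time > self.KEY_TIMEOUT
            return "drop"
        plain = keystream_xor(key, nonce, ciphertext)
        if any(term in plain for term in self.BLOCKED_TERMS):
            return "drop"                 # policy hit on decrypted content
        flow.recorded.append((channel, plain))
        return "forward"

class Endpoint:
    """First endpoint (claims 19, 20): separate write keys for media and data."""
    def __init__(self):
        self.keys = {"media": os.urandom(32), "data": os.urandom(32)}
    def advertise(self, channel, negotiation, declined=False):
        return {"channel": channel, "negotiation": negotiation,
                "key": self.keys[channel], "declined": declined}
    def send(self, channel, nonce, payload):
        return keystream_xor(self.keys[channel], nonce, payload)

def run_scenario():
    """Constructed walk-through; returns the intermediary's verdicts."""
    mid, ep, r = Intermediary(), Endpoint(), {}
    resp = mid.on_request("f1", {"type": "CreatePermission"}, now=0.0)
    r["carrier"] = "stun_attribute" in resp
    mid.on_key_advertisement("f1", ep.advertise("media", 0), now=1.0)
    mid.on_key_advertisement("f1", ep.advertise("data", 0), now=1.0)
    r["media"] = mid.on_packet("f1", "media", b"n1", ep.send("media", b"n1", b"RTP payload"), 2.0)
    r["data_ok"] = mid.on_packet("f1", "data", b"n2", ep.send("data", b"n2", b"hello"), 2.0)
    r["data_bad"] = mid.on_packet("f1", "data", b"n3", ep.send("data", b"n3", b"EXFIL secrets"), 2.0)
    mid.on_renegotiation("f1", now=3.0)
    ep.keys["media"] = os.urandom(32)     # endpoint rekeys; the old key is now useless
    r["stale"] = mid.on_packet("f1", "media", b"n4", ep.send("media", b"n4", b"x"), 3.5)
    mid.on_key_advertisement("f1", ep.advertise("media", 1), now=4.0)
    r["fresh"] = mid.on_packet("f1", "media", b"n5", ep.send("media", b"n5", b"y"), 4.5)
    r["recorded"] = [p for _, p in mid.flows["f1"].recorded]
    # Second flow: PCP MAP request, endpoint never advertises, the timer blocks it (claim 9).
    mid.on_request("f2", {"type": "MAP"}, now=0.0)
    r["timeout"] = mid.on_packet("f2", "media", b"n6", ep.send("media", b"n6", b"z"), 10.0)
    r["f2_blocked"] = mid.flows["f2"].blocked
    return r
```

Two points the model makes visible that the claims only imply. First, a write key is directional: holding the first endpoint's key lets the intermediary read what that endpoint sends, not what the second endpoint sends back, so full inspection needs a matching advertisement from the other side or from a cooperating intermediary there. Second, the scheme depends on the browser or client actually honouring the key request; an endpoint that ignores it is simply cut off after the timer, which is the enforcement lever the patent relies on rather than any ability to break DTLS-SRTP.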

Assignees

Cisco Tech Inc

Inventors

Classifications

  • H04L63/20 (primary) · for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title

  • between local and global IP addresses · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

Patent family

Related publications grouped by family.

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016134659A1 cover?
In one implementation, two or more endpoints or client devices communication uses a peer-to-peer, browser based, real time communication protocol. One example of such a protocol is Web Real-Time Communication (WebRTC). An intermediary device receives from a first endpoint, a request for communication with a second endpoint, using the browser based real time communication. The intermediary devic…
Who is the assignee on this patent?
Cisco Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 12, 2016 (kind code A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).