HP lawful Interception and data retention „shared service model“
description
Transcript of HP lawful Interception and data retention „shared service model“
Adrian Kramer, Account Principal
Communication Media Solutions
HP lawful Interception and data
retention
„shared service model“
2
AGENDA
•Lawful Interception (LI) “The challenge”• Implications for Communications / Internet Service Providers
•The big challenge – IP-based services
•HP‟s LI solution overview and specifics
•„insight to Verint’s Lawful Interception
Software
•HP “shared service solution” how looks
the finance model?
•TelDas role in the “shared service
solution”
The lawful Interception
challenge:
The IP Service
4
There are more than one Internet Service Type
IP Service identification
1. Access to Internet
• WiFi Access, Radius Access, GPRS, .....
2. Transport over internet
• IP traffic
3. Services provided over Internet
• Surfing (html)
• VOIP
• Chat/IM
• FTP
• telnet
All of these services can
be encrypted or/and be
transported over an
encrypted channel
If encryption is not
stripped or the key are
made available, the
interception is pratically
unuseless
HP InvestigationSwiss Lawful Interception Utility
LEALEA
Large CSPLarge CSP
Medium CSPMedium CSP
Small CSPSmall CSP
Solution ArchitectureCurrent situation
Large CSP
Communications
network infrastructure
Mediation
Device
Probes /
Active
Interception
Small CSP
Communications network infrastructure
Legend
LI
Medium CSP
Communications network
infrastructure
CSP DR
solution
LEA
LEA Monitoring
Center
Request
Management
Users
Users
Users
ÜPF
Interception data “proxy”
Request
Management
LEALEA
Large CSPLarge CSP
Medium CSPMedium CSP
Small CSPSmall CSP
Solution Architecture
Large CSP
Communications
network infrastructure
Mediation
Device
Probes /
Active
Interception
Small CSP
Communications network infrastructure
Medium CSP
Communications network
infrastructure
CSP DR
solution
LEA
LEA Monitoring
Center
Request
Management
Users
Users
Users
ÜPF
Interceptio
n data
proxy
Request
Management
HP LI Utility
HP
Request Managemen
t
Users
HP
Mediation
Temp.
Probes/Active Interception
Temp/Perm
Probes/Active Interception
HI2/HI3
Verint IP-Probe
Introducing the IP-Probe
Real-time, passive interception of high speed networks
Deep packet inspection at layers 2-7
Large number of supported protocols and interception criteria
Unique architecture combining
• Ultra fast hardware for layer 1-4 filtering
• Highly Flexible software for layer 7 filtering& decoding
Range of Supported Protocols
Codecs
G711,G723
G726,G728
G729/A/BG722, GSM,
Speex, iLBC
IM & Social Networks
MSN
AOL IM
Yahoo IM
ICQ
Google Talk
Skype CDR
P2P
Kazaa
Emule CDR
Bittorrent CDR
Standard
Internet
FTP
HTTP Telnet NNTP
TCP/IP
GRE
IP-IP
ICMP
IPSec (ID)
TCP
IP
IPv6
UDP
Access
GTP
L2TP
Radius
DHCP
MIP
Mail / News
NNTP
Web-mail
WebDAV
SMTP
POP3
IMAP4VoIP/Video
RTP/RTCP
T.38
SIP
H.323
MGCP
Interception Criteria
Internet Access
Login name
Calling phone number
Mobile phone number
Mobile equipment ID
Agent remote ID
Eth/TCP/IP/UDP
MPLS
VLAN
MAC/ IP
Ports
IP Masks
Virtual Circuit
Other
URL
Cookie
Chat Nickname
Passwords
VoIP
Phone Numbers
URI’s
Equipment ID
Login name, Addresses
Display names
User part / Domain part
Keywords (+attachments)
HP-Verint Solution for Swinog
Suggested SolutionsHP – Verint Solution
Permanent Setup
Large ISP Medium ISP
On-demand Setup
Medium ISP Small ISP
STAR-GATE Components
Call Content
Delivery Function
Call Data
Delivery Function
Mediation Device
Global System
Administration
Health
Monitoring
Verification
Unit
Monitoring
Center
Access Probe
LEA
Database
ISP Premises
HP Central LI Service Center
Design Considerations
ISP SizeSolution
Parameters
HP “shared service solution”
how looks the finance model?
A sound portion of common sense (and the right components)
How do we make the price right
Hosting Requirements Partners Front-end
Communication & Media Solutions
Hosting Requirements Partners HP CMS
• Market
leaders
• Selected
based on
best match
• Primed by
HP
• Partners that
we can trust
• Commonality
• Best practices
• Predictable
roadmap
• The IP challenge
• HP Data Centres
• Large operations
advantage
• Extensive experience
• Excellent references
• Local presence
• Business
value focus
• Common
wins
• Operational
Efficiency
• Risk
Mitigation
• Governance
• Fair price
The right offering and the right price!
How do we make the model rightA sound portion of common sense (and the right components)
Almost as a group insurance policy
Full coverage - summary
Full LI coverage regardless the number of requested lawful interception
Provided as a SERVICE
Tier based (S/M/L) pricing
Well-defined boundaries
SLA as protection against penalties
HP takes care of the equipment
3-5 years contract
Fair price strategy
Price depends on overall volume
Legal
Administration
Security
TechnologyL I
TelDas role in the “shared
service solution”
Teldas as a neutral platform for
Telecom players in Switzerland…
Who is Teldas?
Founded in 1999 to support the introduction of Number Portability in
Switzerland, followed by INA in 2001 and VTA in 2008
Teldas GmbH’s shareholders are Orange, Sunrise and Swisscom
Teldas offers its services to most Swiss telecommunication
service providers…
Teldas central database has become the master in Switzerland
Open platform to all providers active on the Swiss telecom market
Decisions driven by the telecom branch through Working Group
participation open to all industry
Customer focus
Neutrality and non-discrimination
Individual Number
Allocation (INA)
All Swiss Service &
Directory Numbers are stored
in the central database. You
can manage INA numbers
and tariffs or query the
database for routing and
billing purpose.
What are the Teldas Services?
Operator Number
Portability (ONP)
We support your
administrative processes for
porting numbers between
operators, as well as the
query of the Swiss central
database of ported numbers
for routing purpose.
Subscriber Access
Fee (VTA)
You can download
the monthly files provided by
Swisscom with the detailed
wholesale charges for the
retail billing of your
subscriber access line.
Flexible organisation where users
can participate in decision making…
Teldas Shareholders
Teldas
Management
HP Helpdesk
Users: Telecom
Companies
Steering Committee:
Headgroup
Working Group 1 Working Group 2
Orange, Sunrise, Swisscom
Suppliers (Accounting,
Webmaster, Application…
Working Group 3…
External Project
Managers
Advantages Teldas as central
Platform for Lawful Interception
Long experience with regulated services in the telecom
domain
Experience with multiple stakeholders:
Flexible and low cost structure (modularly Working Groups,
external project managers)
Synergies : some infrastructure already exists (Service
Helpdesk, Operations & Maintenance, IP Connection,
interactive Webpage…)
Working group structure could easily be extended to Lawful
Interception with the creation of a new industry WG LI
Suppliers (HP…)
Implement
solution
Telcom Operators
Define common
processes
Bakom
obligations
Teldas’s role for Lawful Interception
Neutrality
Watchdog
Customer focus
Service available to all
operators, independent entity
fair prices (prices to reflect effective
costs) based on fair obligations
Working Groups open to all ISPs and TSPs
(smaller companies can be represented
through associations like SWINOG)
Processes, new features, new obligations discussed within
Teldas Working Groups
WG to liaise with ÜPF and HP to put in place cost efficient
solutions that best fit the authorities' needs