EduCause LI Overview February 2007

Presentation transcript:

EduCause LI Overview February 2007 Craig Mulholland (crmulhol@cisco.com)

Disclaimers
- It is Cisco's intent to support its customers by developing products that will help them meet the requirements of the law
- Customers are strongly advised to seek qualified legal counsel to advise them about the extent of their obligation under Lawful Intercept regulations and laws in each country in which they operate
- The Contents of this Presentation Do Not Constitute Legal Advice nor Does Cisco Guarantee the Accuracy or Completeness of Such Information

Agenda
- Regulatory Changes
- T1.IAS - Lawful Intercept for Internet Access and Services (IAS) (US only)
- Implementation Options
- Service Independent Intercept (SII) Architecture

Regulatory Changes

Regulatory Changes
United States (US) – Compliance Deadline:
- 24 September 2005 – FCC issued First Order – CALEA applies to interconnected VoIP and facilities-based Broadband Internet Access
- 3 May 2006 – FCC issued Second Order – defers definitions to standards, affirms deadline
- 5 May 2006 – Appeals court oral arguments on First Order
- 9 June 2006 – Appeals court affirmed FCC decision to apply CALEA to interconnected VoIP and facilities-based broadband
- Compliance Deadline: 14 May 2007

Regulatory Changes

LI Architecture Requirements
Service Provider must be able to provide:
- Communication-Identifying Information (CmII)
  - Dialed Digits (Voice Calls)
  - Subject login (data)
  - Network Addresses (& ports??) (data)
- Content of Communication (CC)
  - Audio Content of Voice Call
  - Packets to/from subject
- Must be able to correlate Communication Identifying Information with Content of Communication

T1.IAS Lawful Intercept for Internet Access and Services

T1.IAS Lawful Intercept for Internet Access and Services (IAS)
- Issue S086 - Ballot Closed 11/14/2006
  - 13 “YES” Votes - 8 with comments
  - 3 “NO” Votes
  - 3 abstentions
- Interim Meeting Austin, 29 - 30 November to resolve Ballot comments
  - Law Enforcement “NO” votes unresolved - “buffering issue”
  - Default Ballot recommended at close of meeting
- Default Ballot closed in January
  - 1 “Yes” vote changed to “No”
  - 1 “No” vote changed to “Yes”
- Comment resolution scheduled for February meeting

T1.IAS
- T1.IAS divides the subject’s session into two states
  - The “Access Session” state - logon, logoff, and failure or rejection events during the logon process
  - The “Packet Session” state - subject has been granted access to the Internet and is ready to transfer data
- Not all networks can report all events, e.g. “always on” scenarios may not be able to report some access events

What is Communication Identifying Information (CmII) for Internet Access??
- Access Session Events – Access Attempt, Access Accepted, Access Failed, Access Session End, Access Rejected, Access Signaling Message Report
- Packet Session Events - Packet Data Session Start, Packet Data Session Failed, Packet Data Session End, Packet Data Session Already Established, Packet Data Header Report, Packet Data Summary Report
- Packet Data Header Report, and Packet Data Summary Report are used to report Packet Header information for Internet sites visited by the subject

T1.IAS - Communication Identifying Information (CmII)
[Diagram, common to the next five slides. Elements: Target Subscriber; Aggregation Router; Data Stream; AAA Server (Cisco Access Registrar, Other); Mediation Device; LEA Collection Function]
- Flow labels: Access Request; IRI
- Access Attempt: Case ID, IAP, Time, Subscriber ID

T1.IAS - Communication Identifying Information (CmII)
- Flow labels: Access Accept; IRI
- Access Accepted: Case ID, IAP, Time, Subscriber ID, Access Session ID

T1.IAS - Communication Identifying Information (CmII)
- Flow labels: Intercept Request; Intercepted Data; IRI
- Packet Data Session Start: Case ID, IAP, Time, Subscriber ID, Packet Session ID, IP Address

T1.IAS - Communication Identifying Information (CmII)
- Flow labels: Intercept Request; Intercepted Data; IRI
- Packet Data Header Report: Case ID, IAP, Time, Packet Session ID, IP Packet Headers
- OR Packet Data Summary Report: Case ID, IAP, Time, Packet Session ID, IP Packet Header Summary reports

T1.IAS - Communication Identifying Information (CmII)
- Flow labels: Intercept Request; Intercepted Data; IRI; CC
- Content Delivery, if authorized

T1.IAS - Issues
- $$
- Buffering/Short term Storage – Law enforcement has requested buffering and file management, not included in standard - Alternate standard for buffering in progress
- IP Packet Headers – port numbers required as a result of ballot comment resolution
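
An added example, not part of the original slides or of the T1.IAS standard: it uses the per-event field lists from the CmII slides above to flag incomplete records and to resolve Packet Data Header/Summary Reports, which carry no Subscriber ID, back to a subscriber through the Packet Session ID. The key names, record layout and sample values are assumptions constructed for illustration.

```python
# Field lists per event come from the slides; key names, record layout and
# sample values are constructed for this example (not the T1.IAS encoding).
COMMON = {"case_id", "iap", "time"}
REQUIRED = {
    "Access Attempt": COMMON | {"subscriber_id"},
    "Access Accepted": COMMON | {"subscriber_id", "access_session_id"},
    "Packet Data Session Start":
        COMMON | {"subscriber_id", "packet_session_id", "ip_address"},
    "Packet Data Header Report":
        COMMON | {"packet_session_id", "ip_packet_headers"},
    "Packet Data Summary Report":
        COMMON | {"packet_session_id", "ip_packet_header_summary"},
}

def missing_fields(rec):
    """Return what a record lacks for its event type (empty list = complete)."""
    required = REQUIRED.get(rec.get("event"))
    if required is None:
        return ["unmodelled event"]
    missing = sorted(required - set(rec))
    # Ballot comment resolution: reported IP packet headers must carry ports.
    for hdr in rec.get("ip_packet_headers", []):
        if not {"src_port", "dst_port"} <= set(hdr):
            missing.append("port numbers")
            break
    return missing

def correlate(records):
    """Return ([(index, subscriber_id)], [orphan indexes]) for packet reports."""
    sessions, resolved, orphans = {}, [], []
    for i, rec in enumerate(records):
        if missing_fields(rec) or "packet_session_id" not in rec:
            continue  # incomplete record, or an Access Session event
        key = (rec["case_id"], rec["packet_session_id"])
        if rec["event"] == "Packet Data Session Start":
            sessions[key] = rec["subscriber_id"]  # session announced
        elif key in sessions:
            resolved.append((i, sessions[key]))
        else:
            orphans.append(i)  # report for a session never announced
    return resolved, orphans

BASE = {"case_id": "CASE-0001", "iap": "agg-rtr-1", "time": "2007-02-01T10:00:00Z"}
SAMPLE = [  # constructed records; addresses are documentation ranges
    {**BASE, "event": "Access Attempt", "subscriber_id": "alice"},
    {**BASE, "event": "Access Accepted", "subscriber_id": "alice", "access_session_id": "A1"},
    {**BASE, "event": "Packet Data Session Start", "subscriber_id": "alice", "packet_session_id": "P1", "ip_address": "192.0.2.10"},
    {**BASE, "event": "Packet Data Header Report", "packet_session_id": "P1", "ip_packet_headers": [{"src": "192.0.2.10", "dst": "198.51.100.7", "src_port": 40000, "dst_port": 443}]},
    {**BASE, "event": "Packet Data Header Report", "packet_session_id": "P1", "ip_packet_headers": [{"src": "192.0.2.10", "dst": "198.51.100.7"}]},
    {**BASE, "event": "Packet Data Summary Report", "packet_session_id": "P9", "ip_packet_header_summary": []},
]
```

An orphan is not necessarily an error: the slides also list a Packet Data Session Already Established event, without a field list, so it is not modelled here.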

Implementation Options

Passive Equipment
- Involves placement of new equipment in strategic locations in the network to access ‘signaling’ and ‘content’ information of interest.
- Pros:
  - Does not require changes to existing network element hardware and/or software
- Cons:
  - Additional equipment required. Amount of equipment required can be reduced by physically moving equipment, as required.
  - Additional O&M costs
  - Not capable of intercepting information that remains local to the edge network element
- Cost:
  - Passive equipment: $35K +++ ea.
  - Mediation Device: $75K + (based on number of subscribers)

Intercept Capable Network Elements
- Adds interception capability to existing network elements
- Pros:
  - Reduced cost by leveraging existing infrastructure
  - Reduced O&M costs
- Cons:
  - Functionality may not be supported on all platforms in the network. If it is supported, hardware upgrades (memory, processor, etc.) may be required
  - Interception introduces an impact to network element performance
- Cost:
  - Network element S/W licenses: $0 - $15K+ ea
  - Mediation Device: $75K + (based on number of subscribers)

Hybrid
- Combination of passive equipment and intercept support
  - Provides flexibility of passive equipment solution with cost advantages of intercept support on network elements
  - Augments network element intercept capability
  - Offloads network element for large bandwidth intercepts
- Pros:
  - Most comprehensive and cost effective solution
  - Most flexible solution for CALEA compliance in multi-vendor network
- Cons:
  - Somewhat higher O&M and equipment costs
- Cost:
  - Network element S/W licenses: $0 - $15K+ ea
  - Passive equipment: $35K +++ ea.
  - Mediation Device: $75K + (based on number of subscribers)

Trusted Third Party (TTP)
- TTP becomes agent of record for Service Provider
  - Assumes all responsibilities and obligations
- Pros:
  - Continued protection from criminal & civil liability
  - Reduces operating costs and conserves capital
  - Assumes risk and up-front investment (personnel, technology)
  - Future-proof services
- Cons:
  - CALEA activities are handled by third party
  - TTP requires access (physical and admin) to your network
- Cost:
  - Initial assessment/setup fee: $10K+ (depends on size of network)
  - Monthly service fee: $1.5K+ (depends on size of network)
  - Per intercept fee: Records production = $500?, Pen/Trap = $1000?, Full Content = $1500? (Reimbursable by LEA)

Service Independent Intercept (SII) Architecture

Key Cisco SII Architecture Features
- Standard architecture (same for voice or data)
- Places control of LI on Mediation Device (instead of on call control equipment)
- Separates lawful intercept control from call control
- Common interface to Mediation Device and Call Control partners
- Modular architecture, easily adapted to regional requirements through mediation device

Generic View of the LI Architecture
[Diagram. Labels: Service Provider; LI Administration Function; Intercepting Control Element (ICE); Intercepting Network Element (INE); Access Function (AF)/Intercept Access Point (IAP); Mediation Device; Demarcation Point (SP, LEA Responsibility); Law Enforcement Agency (LEA); Collection Function; Request; Intercept Related Info (IRI); Communication Content (CC); Content; Cisco Equipment; 3rd Party Equipment]
- Information for the Same Intercept May Be Sent to Multiple LEAs

Cisco Service Independent Intercept
[Diagram. Labels: Service Provider; LI Administration Function; Configuration Commands; Intercepting Control Element (ICE); Intercepting Network Element (INE); Mediation Device; Law Enforcement Agency (LEA); Collection Function; Request; Intercept Related Info (IRI); Communication Content (CC); Content; Cisco Equipment; 3rd Party Equipment]
- Voice - Call Agent
- Data - Radius, AAA
- RADIUS Event Messages
- RTP or UDP transport for delivery
- SNMPv3
- Voice - Edge router, Trunk G/W
- Data – Access/Aggregation router

IETF—RFC 3924 Lawful Intercept Architecture Reference Model
[Diagram: Lawful Intercept Architecture Reference Model. Elements: Law Intercept Administration Function; Mediation Device (MD); Intercept Related Information (IRI) IAP; Content Intercept Access Point (IAP); Law Enforcement Agency (LEA); User Content; Service Provider Functions. Interface labels: HI1(a); MD Provisioning Interface (b); (c); Intercept Request (d); IRI (e); Intercepted Content (f); HI2(g); HI3(h)]

Cisco Lawful Intercept Architecture
- IETF first draft June 2003
- IETF second draft October 2003
- Informational RFC 3924 adopted October 2004
- Modular architecture—adapts to regional requirements via partner equipment (mediation device)
- Key Features:
  - Common architecture (SII) for voice and data
  - Separation of intercept control from call control (voice) and session control (data)
  - Controlled by mediation device
  - Standardized interface for mediation device to provision intercepts via SNMPv3

LI Architecture—Voice Intercept
[Diagram. Elements: LI Administration Function; Gatekeeper, SIP Proxy, Call Agent; Mediation Device; LEA Collection Function; Target Subscriber; CPE Adapter or IP Phone (two); Aggregation Router (two); RTP Stream]
- Numbered flow labels as transcribed: 1 Admin (HI1); 2 Admin; 3 Config; 4 Call Control; 5 IRI; 6 IRI; 7 Call Control; 8 Intercept Request; 9 (label not recoverable); 10 Intercepted Data; 11 CC

LI Architecture—Data Intercept
[Diagram. Elements: LI Administration Function; AAA Server (Cisco Access Registrar, Other); Sniffer/Probe; Mediation Device; LEA Collection Function; Target Subscriber; Aggregation Router; Data Stream]
- Numbered flow labels as transcribed: 1 Admin (HI1); 2 Admin; 3 Config (shown twice); 4 Access Request; 5 IRI; 6 IRI; 7 Intercept Request; 8 Access Accept; 9 Acct Start; 10 IRI; 11 IRI; 12 (label not recoverable); 13 Intercepted Data; 14 CC