[VOIPSEC] CALEA Enforcement
Geoff Devine
gdevine at cedarpointcom.com
Fri May 12 08:00:51 CDT 2006
Hadriel Kaplan <HKaplan at acmepacket.com> a ecrit:
> I think he meant the access edge router - i.e., the BRAS, CMTS, etc.
> So it has guaranteed visibility because it's the only entry/exit path
> to the UA. Whether it's pragmatic to do it on every one of those,
> and scalable to control them, is a different question. (especially
> for non-packetcable networks)
Works great until you introduce nomadic and/or mobile devices. As long
as you operate the access network, it's pretty straightforward to do
this for DOCSIS, DSL, and PON networks. As you say, you don't have very
many simultaneous intercepts on an individual access edge router so
hacking in the function doesn't cause significant scaling problems. In
today's CMTSs, this function wasn't an initial requirement so the
implementations are often quite quick & dirty since they don't need to
scale.
> Obviously CMTS' already have the ability to open/close gates from a
> northbound control (COPS) interface for qos, and the call rate
> per-CMTS has been low enough to make it reasonable scale/performance.
> (Certainly the volume of lawful interception is so low it doesn't
matter)
> Whether the operators actually do COPS dynamic media gate control with
> their CMTS today I cannot say, but I think I can say I haven't seen
any
> doing LI on them yet.
That COPS interface between the soft switch and the CMTS is used on
every cable digital voice call to install access network QoS policy on
the CMTS. We integrated SBC-like functions into our product solution so
all media passes through our box. We've opted out of the PacketCable
lawful intercept method and instead use the tried & true J-STD-025
solution with call content over T1 and call detail over IP. Our
customers are slowly hooking our systems up to CALEA servers but we have
an awful lot of switches in the field where the lawful intercept
function is not plumbed up yet. I imagine the same is true for our
competitors who are using the PacketCable solution where RTP packets are
intercepted at the CMTS and Media Gateway and relayed to an SS8 delivery
function product. Anything involving an interface to the US Government
isn't going to get rolled out at a rapid pace.
Geoff
More information about the Voipsec
mailing list