Lawful interception and B2B voice and messaging services
Lawful interception is a mandatory requirement for operators. Compatibility with LI processes is essential for all services, including B2B. What impact do Gintel’s applications have on LI compliance?
Enabling lawful interception is mandatory for licensed operators
As a regulated operator, Lawful Interception, or LI – the requirement to enable access to voice, messaging and other communication for law enforcement agencies – is a mandatory requirement in most countries. It’s a tool that can be used selectively in the fight against crime, but it’s always carefully supervised by the national regulator. It’s only used when specific authorisations and legal permissions are in place – but the infrastructure to support it must be present. LI has, however, been around for decades and, as such, it’s an integral component of any operator’s network.
Of course, there are several different approaches, most of which are based on international standards, such as those from ETSI, 3GPP or CableLabs. Each of these provides a template for interoperability, as well as guidance on procedures for handling different media, associated signalling information, and more. These procedures differ for different generations of network technology and infrastructure.
What does compliance with lawful interception requirements mean for B2B services?
The scope of such specifications has grown, as the number of digital channels has expanded, but handling of voice sessions remains of fundamental importance. So, whenever there’s an RFx for a B2B voice service platform – be it mobile PBX, IP Centrex, UC or a VPN, there’s always a section devoted to compliance with the specific local LI requirements.
Operators need to understand the impact on these necessary solutions due to the addition of new network elements and software. Do they change any of the required procedures? Do they disrupt any of the defined signalling and media flows?
Well, in a typical deployment, there’s no change to the existing infrastructure. That’s because we also follow the same standards-based approach to network architecture, so adapt to whatever core network is required. We do not circumvent standards or introduce new functional elements. Rather, we’re based on classical models and principles. Our applications are typically delivered as virtual components to an existing IMS – as a SIP Application Server (SIP AS).
IMS-based lawful interception
For IMS – and for VoLTE home and roaming services, LI is usually handled across different interfaces. For example, 3GPP TS 33.107 provides several reference architectures for different networks – from CS (circuit switched) to IMS and to WLAN, as well as for additional supplementary service functionality, such as conferencing. Interfaces include X1_1, X2, and X3, among others, depending on the network concerned.
In the case of the IMS, these interfaces are provided from, for example, the CSCF (P / S), or the MRFP / MRFC. In other words, they are integral to the overall IMS architecture and core network deployed. So, LI data can be obtained via these standard interfaces, without reference to the Gintel applications. The basic IMS LI architecture is shown in Figure 1.
Figure 1: IMS-CSCF intercept configuration (from 3GPP TS 33.107 V16.0.0)
Because all necessary signalling traverses the core network, it remains exposed to any LI solution and mediation layers via the appropriate interfaces. The same applies to the media, when a connection is made to our media server (MRF) for any required processing (which, due to the fact that we typically use triggering to execute a service based on initial signalling information where possible, isn’t always required).
Gintel – fully compliant with your lawful interception architecture
As a result, the LI processes in IMS or any other network are not impacted by our deployment and there is no need to extend or modify them to account for additional interfaces. Since we already provide rich metadata in the form of CDRs, this can easily be correlated with any data captured by the LI system, if required.
So, our answer is always the same: we comply. And, we’ll continue to do so as LI evolves to meet the needs of 5G networks – which bring a host of new challenges due to the inclusion of IoT services and devices under the security umbrella.