STAR-GATE for PACKET DATA Arkady Linshitz Product Manager.

Presentation transcript:

STAR-GATE for PACKET DATA Arkady Linshitz Product Manager

Company Confidential
PRODUCT OVERVIEW
- Introduction
- Functional Description
- GPRS and 3G Solutions
- Product Demonstration
- ISP Solutions

STAR-GATE ARCHITECTURE COMPREHENSIVE SOLUTION
- Covers both administrative and delivery functions
- Supports multiple networks and switches

STAR-GATE MEDIATION DEVICE
Performs the delivery function of communication surveillance
- Wide Range of Protocols: GTP*, FTP, TIIT, ROSE, …
- Multicasting: Support 300 MC; Up to 5 simultaneous delivery
- Flexible Architecture

GPRS Application Design (diagram; labels: X1P, X2P, X3P, HI1, Target Session Manager, xGSN, MD, HI3, MD Inside, HI2)

STAR-GATE SAS (Surveillance Administration Subsystem)
Assigns targets and oversees system administration, maintenance and security

STAR-GATE SAS SINGLE POINT OF ADMINISTRATION

STAR-GATE SOLUTION for GPRS

STAR-GATE SOLUTION for GPRS
- Interception Criteria: IMSI, MSISDN, IMEI
- Delivery Format:
  - HI2: FTP, ROSE
  - HI3: FTP, GTP*

STAR-GATE SOLUTION for 3G

STAR-GATE SOLUTION for 3G
- Interception Criteria: IMSI, MSISDN, IMEI, (SIP URL)
- Location Dependent Interception: 1 or more areas in the same 3GMS
- Charging Aspects: Producing intercept-charging data
- Target List Synchronization

3G Pan European networks - The STARGATE solution

STAR-GATE SOLUTION for VoIP
New Challenges
- Communication Content: IP to PCM conversion
- Signaling Protocols: SIP, H.323

3G MD Application Design (diagram; labels: X1, X2, X3, HI1, HI2, HI3, Core Logic, 3GMS, MD, VoIP Gateway)

WELCOME TO STAR-GATE DEMO

STAR-GATE SOLUTION for ISP

STAR-GATE for ISP - Challenges
Operational challenges:
- Target Provisioning
- Identification of target traffic
- Control and maintenance
- High Security
Technological challenges:
- Various network topologies
- Fast changing architecture
- No interference with ISP Service level

STAR-GATE for ISP - Solution
Interception Criteria:
- E-mail address
- Username/CLI in RADIUS
- IP address
- MAC address
Access Solution based on:
- LAN Splitter for mirroring
- Switching hubs for aggregation and filtering
- PD MD Software

STAR-GATE for ISP - Solution
Delivery Method:
- FTP
- Stream based
Delivery Format:
- TIIT
- STAR-GATE Tunneling Protocol

ISP Mediation Device S/W Design (diagram; labels: HI1, Core Logic, MD, HI3, MD Inside, HI2, Access Device, Network Access (Interceptor))

Interceptors: RIPE (RADIUS IP Extractor)
- Keeps in RAM the target list (Username/CLI)
- Monitors RADIUS messages
- Generates HI2 messages to LEMF
- Activates 3-4 layer switch and IPI based on extracted IP address
- Stops 3-4 layer switch and IPI upon logout event

Interceptors: IPI (IP Interceptor)
- Gets IP address from RIPE
- Analyzes each packet in real-time
- Collects packets
- Forwards to LEMF

Interceptors: SMTPI (SMTP Interceptor)
- Keeps in RAM the target list (e-mail address)
- Monitors SMTP (Port # 25)
- Checks e-mail address in "RCPT TO" or "MAIL FROM"
- Buffers all (from DATA command to closing '.')
- Forwards to LEMF

Interceptors: DHCPE (DHCP Extractor)
- Keeps in RAM the target list (MAC address)
- Monitors DHCP
- Identifies events of IP address assignment
- Generates HI2 messages to LEMF
- Updates the system with the new IP address

The Access Device

Solution Considerations
Coverage
- Intercepting all targets
- Intercepting all data
- Minimize number of intercepted links
Target Identification
- RADIUS
- DHCP
Security
- Non-intrusive
- Encryption

The Solution

System Security
- Access rights: Access to target activation and database is controlled by user rights.
- Audit Trail: For user login/logout and target activation/deactivation activities.
- Centralized Target List Architecture: GSA is the only LI entity where the target list is saved on disk.
- Passive interception: No indication of ongoing interception.
- Encrypted delivery to LEAs: Delivery to LEAs can be encrypted using IPsec or TLS.

STAR-GATE Source of Requirements
- GPRS: ETSI GSM Annex D; ETSI ES; ETSI TR G; ETSI TS
- ISP: TIIT

WHY STAR-GATE
- Comprehensive Solution: Any Network, Any Switch, Any Protocol
- Unified Administration Center
- Open Design and Flexible Architecture

Thank you