Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Using COTS Routers for Lawful Intercept Annual Member Meeting.

Published byShawna Nicolas Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Using COTS Routers for Lawful Intercept Annual Member Meeting."— Presentation transcript:

1 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Using COTS Routers for Lawful Intercept Net@EDU Annual Member Meeting February 8, 2006

2 2 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net ETSI Reference Model Law Enforcement Agency Service Provider HI1: Warrant Related Information HI2: Intercept Related Information HI3: Content of communication LEA Monitoring System Intercept Related Mediation System Content Mediation System Administration system Access Network Juniper Experiences From the Field  In-band versus out-of-band approaches  Features used to support LI  Mediation device control interface

3 Out-of-band (Passive Monitoring)  Implement an out-of- band infrastructure with signal splitters  User proximity improves selectivity Dynamic address changes Asymmetric routing Multicast  Sometimes preferred for operational isolation 3 Copyright © 2004 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Storage and Analysis Data handler (multiple) Signal Splitter

4 4 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net In-band (Active Monitoring)  Use existing network elements  Independent of network access technology Supports POTS, ISDN, xDSL, Cable, Wireless  Provides cost reduction, implementation speed Preferred for this reason where feasable Storage and Analysis User Data Replicated Data

5 5 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Feature: Selection  Useful for both in-band and out-of-band  Channelization Select among TDM’d, DLCI, ATM VC, or 802.1q VLANs  Mature packet filtering capability required for security and features Very high performance Highly flexible and proven IPv6 ready  Can be combined arbitrarily  Dynamic Flow Capture (DFC): Identify flows that match one or more dynamic filter criteria and forward to one or more destinations. Passive monitoring Filter criteria are dynamically added (not in configuration) Activate filter within 50ms of criterion add request IP TCP Ver IHL ToS Total Len ID Fragmentation TTL Proto Hdr Checksum Source Address Destination Address Source Port Dest Port Sequence Number Acknowledgement Number Offset Flags Window Checksum Urgent Pointer Select Selected Packets All packets on aggregated link Intercept with external splitter or in-band packet replication Sample Filterable fields

6 6 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Feature: Replicatoin  Useful for both in-band and out-of-band  Up to 16 copies of the same packet Each copy can be encapsulated and forwarded independently  No performance impact Ideally suited shared memory architecture One or more copies Selected Packets Replication

7 7 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Feature: Distribution  Useful for both in-band and out-of-band Enables reuse of data network for distribution  Multiple encapsulations supported GRE IPSec (3DES/AES) Layer 2 VPNs Selected packets and/or flow records Tunnel Packet tunneled to LEMF Packet New Header

8 8 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Example 1 Signal Splitter Juniper Router To Law Enforcement Facilities Separate Distribution Network Service Network Decapsulate 1. Choose sub- interface Select Circuit Select Packets Replicate 2. Remove link layer header 3. Filter on src/dest address 4. Create 3 copies of the packets 5. Send each copy to diferent LEMF in GRE tunnel Distribute

9 9 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Example 2 To Law Enforcement Monitoring Facilities Service Network Every M-series router can act as an IAP To Law Enforcement Monitoring Facilities DecapsulateSelectReplicate Summarize Distribute 1. Remove MPLS headers 2. Select based on IP address and port 3. Create extra copy of packet 4. Create flow records from one copy 5. Encrypt packets and flow records in IPSec 3DES tunnels and send to LEMF

10 10 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Mediation Device Control Interface  JUNOScript is already there  Layered Interface Design TCP/IP based SSL or plain text (for troubleshooting) Easy-to-use XML-based data format / RPC invocation readily adapts to new complex data structures  Mature standards-based solution Juniper supported for over 6 years See: http://www.ietf.org/internet-drafts/draft-ietf-netconf- prot-01.txt

11 11 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Included API  Object-oriented PERL  Easy library for retrieving data and manipulating results  Numerous examples my $res = $jnx->$query( %queryargs ); unless ( ref $res ) { die “FAIL CMD[$deviceinfo{hostname}] $query.\n";}

12 12 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Example Exchange M10iMediation Server 7.3I0 [sisyphus]. at-1/2/1 up 15 18 ATM-PVC 4482 7.3I0 [sisyphus]. at-1/2/1 up 15 18 ATM-PVC 4482

13 13 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net Summary  Router based lawful intercept provides numerous advantages over dedicated hardware Higher flexibility Less time to implement and manage Lower costs  Juniper E, M, and T series routers provide a set of functional building blocks to support any LI application  JUNOScript is well suited for a mediation interface

14 Ben Eater eater@juniper.net

Download ppt "Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Using COTS Routers for Lawful Intercept Annual Member Meeting."

Similar presentations

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implement Inter- VLAN Routing LAN Switching and Wireless – Chapter 6.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implement Inter- VLAN Routing LAN Switching and Wireless – Chapter 6.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv4 20.3 IPv6.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
Packet Switching COM1337/3501 Textbook: Computer Networks: A Systems Approach, L. Peterson, B. Davie, Morgan Kaufmann Chapter 3.

Packet Switching COM1337/3501 Textbook: Computer Networks: A Systems Approach, L. Peterson, B. Davie, Morgan Kaufmann Chapter 3.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Switching Topic 4 Inter-VLAN routing. Agenda Routing process Routing VLANs – Traditional model – Router-on-a-stick – Multilayer switches EtherChannel.

Switching Topic 4 Inter-VLAN routing. Agenda Routing process Routing VLANs – Traditional model – Router-on-a-stick – Multilayer switches EtherChannel.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Inter-VLAN Routing Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Inter-VLAN Routing Routing & Switching.
Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Juniper CALEA(LI)/Monitoring Solution Architectures Richard Holben.

Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Juniper CALEA(LI)/Monitoring Solution Architectures Richard Holben.
Cisco Architecture for Lawful Intercept in IP Networks October 2004,rfc3924 Author(s): F. Baker,B. Foster,C. Sharp.

Cisco Architecture for Lawful Intercept in IP Networks October 2004,rfc3924 Author(s): F. Baker,B. Foster,C. Sharp.
Protocols and the TCP/IP Suite Chapter 4 (Stallings Book)

Protocols and the TCP/IP Suite Chapter 4 (Stallings Book)
Protocols and the TCP/IP Suite

Protocols and the TCP/IP Suite
IPv6 Mobility David Bush. Correspondent Node Operation DEF: Correspondent node is any node that is trying to communicate with a mobile node. This node.

IPv6 Mobility David Bush. Correspondent Node Operation DEF: Correspondent node is any node that is trying to communicate with a mobile node. This node.
1 Application TCPUDP IPICMPARPRARP Physical network Application TCP/IP Protocol Suite.

1 Application TCPUDP IPICMPARPRARP Physical network Application TCP/IP Protocol Suite.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
Chapter 3 Review of Protocols And Packet Formats

Chapter 3 Review of Protocols And Packet Formats
Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,

Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.
Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

Similar presentations

Ads by Google