utimaco safeware ag germanusstrake 4 52080aachen germany
TRANSCRIPT
a member of the Sophos Group
Utimaco Safeware AG GermanusstraKe 4 52080Aachen Germany Phone +49 (0) 241-16 96-0 [email protected]
a member of the Sophoc Group
I Utimaco L---3" L a W Interception of mu
/ Lawful Interception of Telecommunication Services Throughout the world providers of telecommunication services are required to support law enforcement agencies in their fight against crime and terrorism. Network operators and telecommunication service providers have to install interception facilities in their network to fulfil these obligations. The legal frame- work of lawful interception (LI) is defined by national laws and regulations, the technical details are defi- ned by a number of international technical standards.
Utimaco LlMS (Lawful lnterception Management System) is a proven solution for network operators and service providers to automate the administrative and operative tasks related to lawful interception. The system is based on a central management platform for the surveillance of communication services and implements electronic interfaces to various authorized law enforcement agencies and their monitoring centers.
Utimaco LlMS offers the industry's broadest range of supported network elements for active interception as well as highspeed network probes for passive interception. This approach enables lawful interception in virtually any fixed, mobile, and lnternet service provider's environment without any negative impact on the performance and reliability of the network and revenue generating services. Communication services supported include telephony, fax, SMS, MMS, e-mail, voicemail, VolP, webmail and instant messaging as well as other lnternet services. While the system is designed for large-scale networks with millions of subscribers, the LlMS suite easily scales to economically feasible solutions for networks with only a few thousand users. The modular architecture of LlMS facilitates cost-effective extension and adaptation to new technologies and regulatory requirements.
LlMS complies with international LI standards of ETSI, 3GPP, ATISIANSI and CableLabs and satisfies the highest security requirements to protect the privacy of all associated data. Utimaco supports providers, carriers, and LEAS in need of lawful interception solutions with consulting and technical support services, and also provides managed service models together with qualified solution partners.
For more than 25 years Utimaco is a leading global provider of data security solutions. Since 1994 Utimaco has been providing lawful interception systems for mobile and fixed network operators and lnternet service providers. Utimaw Data Retention Suite was introduced in response to the EU directive 2006124lEC and at the request of telecom customers for integrated LI and DR solutions. With more than 160 installations in 60 countries, Utimaco is a leading global supplier in the LI market. While Utimaco data security products are now distributed by Sophos, the business units .Lawful lnterception and Monitoring Solutions" and "Hardware Security Module" form Utimaco's operating businesses.
Benefits
Compliance 4 Provides surveillance of all common
telecommunication services in fixed and mobile networks, incl. telephony, fax, SMS, MMS, Push-to-Talk, Internet, e-mail, VolP, webmail, instant messaging and others
4 Complies with regulatory requirements in numerous countries worldwide
4 Conforms to international lawful interception standards of ETSI, 3GPP, ATISIANSI. CableLabs and others
Cost Efficiency 4 Central management of all intercepts
even in heterogeneous networks Modular, scalable architecture for small to very large communication networks
4 Smooth integration into available networks
Reliability 4 Meets highest security demands 4 No negative impact on performance
or reliability of networks and services 4 Continuous enhancements support
the latest technologies and standards 4 Close cooperation with regulatory
authorities and standardization bodies 4 16 years of experience in lawful inter-
ception
U timaco" a member of the Sophos Group
Law Enforcement Agency
Networks & Services + GSM, GPRS, UMTS, CDMA,
CDMA2000, LTE + PSTN (Fixed Telephony) + xDSL, cable + WIMAX, WLAN + SMS, MMS, Voicemail Monitoring Cente
+ PoC (Push-to-Talk over Cellular) + lnternet Access (IPv4 and IPv6) + VolP (SIP, RTP, H.323, SCCP) + E-mail (POP3, SMTP, IMAP, webmail) + other IP-based services
Lawful Interception Standards + ETSI TS 101 671 (voice), TS 101 331
(generic), ES 201 158 (generic), TS 102 232-1 to 102 232-6 (IP, E-Mall, IN1 Internal Network interface XI x2 x3 Internal Nehvork t e r n for L! Pmns!onmg !RI
IRI Intercept~on Related lnforrnat~on and CC exchange CC Content of Cornmun!cat~on H1 H2 H3 SfandaNhandover!nte#ace to the Law Enforcement
+ ANSIIATIS. J-STD-025-B (Voice, Agency for L1 Pmv,sronmg. IRI and CC exchange
CDMA), T1.678 (VolP), T1 .IPNA,
+ 3GPP: TS 33.106, TS 33.107, + Central administration of Intercepts and target assignments TS 33.108 (UMTS) + Actlve and passive interception of voice and data services
+ Packetcable v1.5 (Cable) + Collection and mediation of intercepted data from all network nodes + Standard compliant delivery of Intercepted communications to the appropriate
Vendor Interfaces law enforcement agency + Acme Packet, Arris, Bridgewater, + Comprehensive user management with granular access rights
Broadsoft, Casa Systems, Cisco, + Multi-tenancy, segregates up to 64 different networkslproviders Ericsson, Huawei, Iptego, Juniper, + Authority management
Motorola, Nokia Siemens Networks, + lntegrated system administration and alarm monitor
Nortel, Redback, Sitronics, Sonus, + Securlty features Starent Networks, Sun, Thomson- - RBAC (Role-based Access Control)
Cirpack, Unisys, Vocaltec, ZTE - Transparent separation of multiple authorltles - Full audit trails of all user and system events - IPseclSSHITLS encryption - Encrypted database and backups - System monttor and alarms aximum number of subscribers: - System redundancy virtually unlimited, scalable configu- - Dlsaster recovery system
rations from 1,000 to several million -Automatic consistency checks subscribers - Secure remote access + Maximum number of interception + Remote administration of other LI systems targets. scalable up to thousands of + Dynamic load-balancing parallel interception targets + lntegrated billing capabilities + Probe performance. up to 10 Gbps + Various language kits available
Network Interfaces Copyright Information + 10110011000 Mb Ethernet, Copyright 8 1994-2011 - Utimaco Safeware AG - a member of the Sophos group, July 2011
10 Gb Ethernet, X.25, ISDN, EIPTI, Utimaco LIMSm Utlmaco LIMS 1s a trademark of Ut~maco Safeware AG All other named trademarks are trademarks of the particular copyright holder
SDHISonet, ATM, SS7 interfaces Spec~ficat~ons are subject to change wlthout notlce
GerrnanusstraBe 4 52080 Aachen
a member of the Sophos Group Phone +49 (0) 241-1 6 96-0 licontact@ut~rnaco corn
Automated Data Retention for Telecommunications Service Providers Retention of subscriber data and communications related data has become a legal require- ment for telecom operators and service providers around the world. Laws and regulations like the EU Directive 20061241EC oblige telecommunications service providers to retain CDRs, IPDRs, as well as subscriber data for a period of six to twenty-four months.While much of the data required is being recorded by providers already for billing and marketing purposes, these new regulations put some cumbersome and potentially costly obligations on CSPs in regards to data security, delivery of data, and completeness of information.
Utimaco has addressed these challenges with a brand-new approach that is affordable, quickly implemented, and secure. Utimaco Data Retention Suite (DRS) is a state-of-the-art, purpose-built management system for secure data retention and fast data retrieval. The system has been designed to easily integrate into existing network infrastructures that generate thousands of data records or even up to several billion records per day.
Utimaco DRS incorporates a configurable workflow management system which reduces operational expenses by automating the administrative tasks of request handling and delivery of search results to authorized agencies. Comprehensive security mechanisms like granular user management functionality, strong access control, encrypted storage and handover, and full audit trails of all user and system events, are fundamental features to support compliance with national regulations for data protection and for public safety.
\bout Utimaco
For more than 25 years Utimaco is a leading global provider of data security solutions. Since 1994 Utimaco has been providing lawful interception systems for mobile and fixed network operators and lnternet service providers. Utimaco Data Retention Suite was introduced in response to the EU directive 2006124lEC and at the request of telecom customers for integrated LI and DR solutions. With more than 160 installations in 60 countries, Utimaco is a leading global supplier in the LI market. While Utimaco data security products are now distributed by Sophos, the business units ,,Lawful Interception and Monitoring Solutions" and ,,Hardware Security Module" form Utimaco's operating businesses.
Features
+ Collects communications data (CDR, IPDR) and subscriber data from any telecommunications network
+ Retains large amounts of data in a powerful and secure data warehouse
Provides very fast search and analytics in billions of data records
+ Automates request processing and delivers data to authorized agencies by fax, e-mail, or secure IP interfaces
Benefits
+ Complete solution to satisfy the data retention obligations of communications service providers
+ Lowest operating costs due to high automation of workflows
+ Cost-effective integration in existing networks of any size with various communication services
+ Suitable for large networks with several billions of CDRs per day
+ Reliable system security and data protection
a member of the Sophw Group
Hardware Specifications + Oracle X86 servers + Various configurations from single
server appliances to multi-server clusters
+ Integrated disk storage (up to 12TB) + External SAN from 6TB to 1000TB
(RAID) + Oracle Solaris 10
Operating System + Sybase IQ data warehouse + CE marked, FCC compliant, ROHS
Services + PSTN telephony + Mobile telephony & data (GSM,
UMTS, CDMA) + Mobile Messaging (SMS, MMS) + lnternet Access
(DSL, cable, Wimax, WLAN) + VolP, Push-to-Talk + E-Mail, Webmail + Other services on request
Security + Granular rights management + Remote access via https
(password, certificate) + Full audit trail (encrypted) + Data integrity protection + Encrypted storage (optional) + Hardened operating system
Performance + Loads up to 100,000 records
per second (on one server) + Average search performance:
5 sec per l000 query results
Norms and Standards + EU Directive 2006lECl24 + ETSl TS 102 656 + ETSl TS 102 657
I Utimaco Data Retention Suite r
Highlights
DRS Collectior
>RS Management Sew4 --
p i CDR MBdlahon Router svstm
Lmhon Subscriber Sewer Database
Data Analysls
Seamless Intc " 1
Utimaco DRS l.,, ,,,.l designed for seamless integration into existing multi-vendor and multi- service networks. The solution can be customized easily to interface with CDRIIPDR systems, log files, sub-scriber databases, and other network nodes.
Multi-tenancy One Utimaco DRS system can be used to administer warrants and search requests for multiple net- work operators and service providers. The granular rights management system of Utirnaco DRS can be configured to securely segregate between networks, users, and authorities and thus supports various business models like MVNO models, managed services, or cross-border service platforms.
ormance & Capacity Utimaw DRS has been optimized for simultaneous loading of massive data volumes and fast query processing. The system can ingest several billion data records per day, supporting the transaction rates generated by large telecommunications networks with millions of subscribers. Average queries results are returned in seconds not minutes.
Strong Security Comprehensive security features like role-based access control, encryption and integrity checks prevent unauthorized access and manipulations of sensitive data during storage and handover. Full audit trails are maintained for all system and user events to provide full accountability for evidential quality.
gh-availability server redundancy, RAID-5 data mirroring and real-time system monitoring are integral concepts of Utimaco DRS to satisfy highest availability demands and disaster resilience.
Cost-efficiency Utimaco DRS runs on broadly available and cost-efficient X86 servers and uses standard SAS1 SATA disks arranged in RAID-5 arrays. This together with the excellent data compression rates reduces hardware expenses to the absolute minimum.
Standards based Utimaco DRS is fully compliant with latest ETSl standards in support of the European Data Retention Directive 2006124lEC.
Copyright Information Copyright 0 1994-2011 - Utimaco Safeware AG - a member of the Sophos group, July 2011 Utimaco DRS" Utimaco ORS is a trademark of Utimam Safeware AG. All other named trademarks are trademarks of the particular copyright holder. Specifications are subject to change without notice.
utimaco" a member of the Sophos Group
Utimaco Safeware AG GermanusstraRe 4 52080Aachen Germany
l Phone +49 (0) 241-1 6 96-0 1 [email protected]
Utimaco LlMS TM
Lawful Interception of Telecommunication Services
utimaco" a member of the S~phas Group
Utimaco LIMSTM
Lawful Interception Lawful lnterception (LI) is the legally approved surveillance of telecommunication services, and has become an im- portant tool for law enforcement agencies (LEAs) around the world for investigating and prosecuting criminal activi- ties and terrorism. Most countries have passed laws that require telecommunication service providers to support LEAs with duly authorized requests to identify, monitor, and deliver all of the electronic communications of specified individuals and groups. While regulations and requirements vary from country to country, international and US-American standardization bodies like ETSl or ANSl have developed technical standards for LI that will facilitate the work of LEAs and help operators and service providers to minimize their costs. Although various standards for LI use different termi- nology, the basic functional model shown in figure 1 applies to all LI standards and to all network and service types.
The main functions of any LI solution are to access Inter- ception-Related Information (IRI) and Content of Commu- nication (CC) from the telecommunications network and to deliver the information in a standardized format via the handover interface to one or more monitoring centers of law enforcement agencies. Of course, before surveillance can take place interception requests must be approved and appropriately provisioned to the lnterception Access Points within the service provider's network, and they must be carefully and accurately terminated after the intercep- tion authorization expires. In addition, high security requi- rements for LI systems are essential to prevent possible manipulation and misuse.
Lawful lnterception Function
General LI Architecture (Functional Model)
Law E n f o r m m l
Internal lnterception
Collection Function for IRI and CC
IRI: Interception Related Information CC: Content of Communication
Figure l: Functional model for lawful interception
Utimaco LIMSm
Utimaco LIMSTM - A Carrier-Grade LI Solution for Telecommunication Service Providers
Utimaco has been in the business of lawful interception The core competency of the Utimaco LI solution is its since 1994 and has installed LI Management Systems in ability to interface with hundreds of different elements in a more than seventy countries around the world. As an active provider's heterogeneous network and to filter and deliver member of the ETSI LI group, Utimaco has participated in target-specific data to the LEA in a standardized format. developing standards and in ETSI Plugtestsl. The Utimaco Lawful Interception Management System (LIMS) is a The LlMS modular architecture provides a future-proof comprehensive solution that provides state-of-the-art path for operators to expand their LI capabilities through- surveillance capabilities for fixed and mobile communi- out current and any future networks. The system can be cation networks and for various communication services, configured as an entry-level single-server solution for including traditional circuit-switched voice, next-generation thousands of subscribers and is scalable up to a multi- packet-switched networks, 2G13G mobile networks, and server cluster that enables monitoring in networks with mil- Internet-based services like e-mail and VolP. lions of subscribers.
The LlMS solution usually acts as a bridge or mediator The Utimaco LlMS solution, as illustrated in figure 2, con- between the service provider's network and the LEA'S sists of the following components: monitoring centers.
I Telecommunication Service Provider
Utimaco LIMSTM
Management Sewer Munitwing Center
a -
%.,.,,, -b",".
IN1 Internal Network Interface XI, x2, x3 Internal Network Interfaces for L1 Provisron~ng, /RI IRI. lntercephon Related lnfamahon and CC exchange CC Content of Communicatron HI, H2, H3, Standard handover rnterface to the Law Enforcement
Agency for L1 Pmvisronrng, /RI and CC exchange
Figure2: Architecture of the Utimaco LlMS
' Plugfests are lntemperabll~ty tests organized by the European Telecommun~cattons Standards I n s t i i (ETSI) Plugtestm is a trademark of ETSI
Utimaco LIMSm
LlMS Management Server The Management Server, the core component of the LlMS system, incorporates the administration system for all system modules, the user interface, as well as security management for the whole system. The server maintains a central data- base of all intercept targets and authorized LEAs. Once an intercept target is entered into the Management Server, it is automatically provisioned to the appropriate interception access point in the network.
LlMS Mediation Devices The LlMS Mediation Devices perform all tasks related to the delivery of intercepted communications to the autho- rized law enforcement agency. Mediation encompasses the conversion and mapping of interception data received from the internal network to the appropriate formats, pro- tocols and interfaces as required by the LEAs. Also, Inter- cept Related Information sometimes needs to be stored intermediately in the Mediation Device before it can be forwarded to its final recipient.
Utimaco offers the industry's broadest list of mediation devices supporting a wide range of network technologies, services, protocols and standards. There are LlMS Media- tion Devices for more than 200 different network elements of all major vendors. Delivery of intercepted data is com- pliant with various national regulations and national and international standards including CALEA, ATIS, ETSl and 3GPP standards.
LlMS Access Points Depending on the network topology and capabilities, Utimaco recommends either active or passive approaches to intercepting communication data. In passive mode, network probes are integrated into the operator's network to filter, de- code and forward intercept data to the LIMS, respectively to the appropriate Mediation Device. Utimaco has developed specialized network probes for deep-packet inspection of va- rious communication services and application protocols such as e-mail, webmail, lnternet access, instant messaging, Voice- over-IP and other IP-based services. Active interception, on the other hand, refers to the method of managing integrated interception capabilities of the available network elements, like switches or routers. In many real-world deployments a mixture of active and passive interception techniques pro- vides the best results or is the only available option.
LlMS Decoder The LlMS Decoder module can be used to enable LI in networks where the communication session is SSLITLS encrypted between the user and the provider's servers. In e-mail environments, for instance, the LlMS Decoder is able to decrypt POP3S, SMTPS or IMAPS sessions before the e-mails can be monitored and filtered by the Interception Access Point.
LlMS Gateway This modular media gateway handles the real-time con- version between packet-switched networks and circuit- switched networks. The LlMS Gateway is often needed in VolP networks where the handover interface to the LEAs requires conversion of RTP media streams into TDM
I I
(Time Division Multiplexing) signals. In addition to the media conversion, the LlMS Gateway can also act as a sig- naling gateway between SS7, ISDN and SIP. The product's modular hardware concept enables customized solutions for small networks, as well as for large networks supporting from 60 to 3,360 simultaneous calls.
Utimaco LIMSm
LlMS Hardware Utimaco LlMS runs on industry-standard servers by OracleB with Oracle Solaris@operating system. Customers can choose from single-server configurations for small networks up to multi-server clusters for large networks with millions of subscribers and thousands of intercept targets. The LlMS Gateway is a highly modular blade system with eight slots for different CPU, DSP and line card modules.
LIMS High-Availability Option The high-availability option for LlMS enables operators to build robust LI systems with 99,999% availability. The ad- vanced Utimaco system monitoring software recognizes all kind of potential failures and bottlenecks and automatically switches system processes to hot-standby servers when necessary.
LlMS Remote Provisioning Unit All administrative and operational functions of the LlMS Management System can be accessed remotely using the same graphical user interface as on the local manage- ment console. The LlMS Remote Provisioning Unit (RPU) ensures that the same security policies apply to both remote sessions and to local operation.
LlMS Loadbalancing Option Utimaco LlMS is well prepared to scale with the ever in- creasing bandwidth requirements in modern telecom net- works. Dynamic loadbalancing algorithms distribute inter- cepted data evenly among a range of mediation devices.
LT 'I-
"S<
R m X. *
*& ari* .l m r WTW* *&W h* - "m\"vwC'$mrr%
ePghr* -m- -.L
worldwide
- Utimaco LIMSm
Utimaco LIMSTM - Key Advantages
State-of-the-Art Interception System curity and Reliability After over 16 years of experience and continuous improve- IT security has been Utimaco's core business since its foun- ment, the Utimaco LIMS has matured from a surveillance dation in 1983.A~ such, Utimaco thoroughly understands the system for mobile networks to a complete interception security and privacy aspects of lawful interception and has suite for various kinds of networks and services. Today implemented end-to-end security mech-anisms throughout Utimaco offers the industry's most comprehensive list of the entire LlMS system. supported vendor network elements and enables lawful interception in virtually any wireless and wireline network supporting multiple services, including telephony, fax, SMS, MMS, Push-to-Talk, lnternet access, e-mail, VolP and other IP-based services. In its entire software and hardware architecture the Utimaco solution has been designed as a Authentication and authorization by using a carrier-grade system that meets highest security, reliability granular rights management system that enables and performance criteria. The Utimaco LlMS solution is accurate definition of administrative and opera- approved by national regulatory bodies and is used by more tional tasks (role-based access control). than 150 operators worldwide.
+ Full audit trail with detailed accounting of all user and system events to avoid misuse and manipulation.
Standards Compliance Utirnaco LlMS is designed to comply with national and international lawful interception standards developed by ETSI, 3GPP, ATlS and CableLabs. Utirnaco shares its experience and expertise in standards with partners and customers to continuously optimize the solution and to meet specific requirements according to individual tech- nical and legislative prerequisites.
Cost-Eff iciency The Utimaco LlMS is a centralized system that serves all LI-related tasks of multiple LEAs on a heterogeneous ser- vice network. By using one single point of access, opera- tors can reduce their administration costs by simplifying the communication with LEAs and by reducing the effort for the provisioning of surveillance operations in the net- work. Operators can initiate, modify or delete any L1 re- quest on the entire network in a matter of minutes with the easy-to-use Utimaco LlMS graphical user interface. Once installed in the network, Utimaco LIMS is almost mainte- nance-free. Optional system upgrades, for example, for new services or new network equipment, can be provi- ded cost-efficiently by Utimaco as part of a maintenance agreement or on an as-needed basis.
II The data security features of LIMSTM include:
+ Integrated alarm system to alert for system failures.
+ Regular consistency checks to guarantee the data integrity in the target database and on the intercep- tion access points in the network.
I + Encryption of internal and external data traffic.
+ Encrypted storage of all sensitive data records, and complete removal of user data after expiration of the L1 request.
+ Transparent separation of different LEAs and LI requests, and isolated delivery of interception data to multiple LEAs.
+ No back doors: The Utimaco LlMS never permits access to unauthorized users or by means other than those described in the documentation. The Utirnaco LlMS security has been verified by official regulatory bodies, and interception results have been successfully approved by international courts as admissible evidence.
Utirnaw L
Modular and Scalable Architecture Managed LI Services While the system is designed for large-scale networks with The LlMS role-based user management, together with its millions of subscribers, the LlMS suite can easily be ad- capability to serve multiple different networks and LEAS apted to provide an economically feasible solution for net- concurrently, allows various deployment models of the works with only a few thousand users. In fact, the modular lawful interception system. Operators can either install and software architecture enables operators to extend the sys- operate the LlMS system as part of their own Operations tern as the demand for lawful interception increases and1 Support System (OSS), or they may decide to use the or their sub-scriber base grows. Performance-critical tasks service of an independent LI service provider. Utimaco and processes can be migrated to dedicated servers to in- has selected and qualified a number of LI service provi- crease the overall system capacity and throughput. The ders who can effectively take over all administrative tasks underlying hardware platform, based on Oraclem servers, related to L1 and thus relieve the network operator of unpro- provides the solid basis for a reliable, scalable system with fitable duties and reduce the costs for maintaining and up- sufficient performance reserves for all current and future grading systems. network sizes.
The modular concept of LlMS further facilitates the integration Global Service and Support of new network interfaces and protocols without requiring the Utimaco understands that LI management is not simply reengineering of the complete system. There is virtually no about purchasing hardware and software - it's about im- limit to the number of active and passive Interception Access plementing capabilities according to national legal require- Points that can be connected and operated in parallel. ments and technical prerequisites. Utimaco provides the
services, support and resources that help you become compliant with these requirements while minimizing the costs and effort for installation and operation. With Utimaco's help, your staff can accomplish lawful interception while also keeping your service network tuned for maximum performance and utilization. Utimaco provides worldwi- de expert consulting services, 24x7 technical assistance, online support, onsite training and installation services.
Utirnaco LIMSm
Five Reasons to Select Utimaco LlMS TM
Experience Cost-efficiency Utimaco develops high security solutions for corporate and The modular architecture of Utimaco LlMS enables cost- public applications and was one of the first companies effective and customized solutions for LI projects of all sizes. worldwide to deploy lawful interception solutions for mobile The central administration of intercepts and the high level networks. In the past sixteen years Utimaco has gained of automation speeds up the process of managing court extensive experience in the LI market and has installed LI orders, simplifies the cooperation with LEAS, thus leading to systems in more than sixty countries around the world. countable opex reduction.
Expert !
Utimaco IS an active member of several national and in- ternational standardization groups and maintains contacts with regulatory bodies and LI experts worldwide. In all matters relating to lawful interception, Utimaco is the pre- ferred partner of many of the leading telecom suppliers and monitoring center vendors. The LlMS solution continues to be developed and maintained by a team of experienced engineers who have worked in the LI field for many years.
"?liability urimaco is a recognized player and financially stable public company in the worldwide IT security industry. In addition to our technical experience in lawful intercep- tion, we pay very close attention to the legal aspects of lawful interception and regard this as an important factor in our business. As a result, the Utimaco LlMS system strictly conforms to the appropriate laws and regulations. Furthermore, the system includes numerous security measures to prevent misuse by unauthorized persons.
Compliance The LlMS solutions comply with a large number of internati- onal LI standards and requirements. Compatibility with net- work equipment vendors and monitoring center suppliers is an important benefit of the solution, and Utimaco verifies this compatibility on an ongoing basis.
Utirnaco LIMSm
Utimaco LIMSTM - Feature Overview
Supported Services
+ VolP (SIP, H.323, SCCP, RTP)
+ GSM, GPRS, UMTS, LTE
+ CDMA, CDMA2000
+ SMS, MMS, Voicemail
+ Push-to-Talk over Cellular (PoC)
+ PSTN (Fixed Telephony)
+ Broadband Access (DSL, Cable, WLAN, WiMAX)
+ E-mail (POP3, SMTP, IMAP, webmail)
+ other IP-based services
Network Interfaces
LI Standards Vendor Interfaces
+ ETSl TS 101 671 (voice), TS 101 331 + Acme Packet, Alcatel-Lucent, Arris, Bridgewater, (generic), ES 201 158 (generic), TS 102 232-1 Broadsoft, Casa, Cisco, Comverse, Ericsson, to 102 232-6 (IP, E-Mail, VolP) Huawei, Iptego, Italtel, Juniper, Motorola, Nokia-
Siemens-Networks, Nortel, Oracle-Sun, Redback, + ANSIIATIS: J-STD-025-B Unisys, Sitronics, Sonus, Starent Networks, (Voice, CDMA), T1.678~2 (VolP), T1 .IPNA (lnter- Thomson-Cirpack, Vocaltec, ZTE and others net, T1 .IAS), T1.724 (UMTS), TIA-1072 (PoC)
+ 3GPP: TS 33.106, TS 33.107, TS 33.108 (UMTS)
+ Packetcable v1.5 (Cable) + 1Gb - 10Gb Ethernet, X.25, ISDN, EI /T l ,
SDHISonet, ATM, SS7 interfaces
Security
+ Role-Based Access Control
+ Detailed accounting (full logging)
+ lPseclSSL/TLS encryption
+ Encrypted storage, encrypted backup
+ System monitoring and alarms
+ System redundancy
+ Disaster recovery system
+ Secure remote access
Performance Other features + Max. number of subscribers: + Integrated accounting and billing functions
scalable from 1,000 up to millions of subscribers (virtually unlimited) + Dynamic load-balancing
+ Max. number of targets: scalable up to thousands + Easy-to-use graphical user interface of concurrent L1 requests + Remote management of other LI systems
+ Probe Performance: up to 10 Gbps (2,000,000 pps) + Multi-tenant support and 25,000 targets per LlMS Access Point
a member of the Sophos Group
Utimaco Safeware AG GermanusstraRe 4 52080 Aachen Germany Phone +49 (0) 241-16 96-0 [email protected]
Utimaco Safeware Partner:
Copyright Information Copyright O 1994-2011 - Utimaco Safeware AG - a member of the Sophos group, February 2011 Utimaco LIMSTM Utimaco LlMS is a trademark of Utimaco Safeware AG. All other named trademarks are trademarks of the particular copyright holder. Specifications are subject to change without notice.
Utimaco LIMS Access Points
Realtime Network Monitoring for Lawful Interception and Data Retention
utimaco" a member of the Sophos Group
Utimaco LlMS Access Points
Realtime Monitoring with Passive Probes
Realtime monitoring of network connections has been used by telecom operators for years for various purposes, like quality of services monitoring, performance analysis, fraud detection, E911 location and billing. Specialized network probes are typically connected to the network by taps, thus receiving a copy of the communications traffic. These probes analyze the traffic based on defined filter rules and can extract data of specific interest.
Law enforcement and intelligence agencies make use of passive probes for non-intrusive surveillance of communi- cation links. Compared to the common approach of active monitoring, where network nodes, e.g. switches or routers, acquire the required data, probes have a number of advan- tages with regard to:
+ Performance, bandwidth support
+ Capacity, number of simultaneous targetslfilter rules
+ Transparency
+ Accuracy, level of details
Utimaco provides three tvDes of probes:
Telecom operators and lnternet service providers some- times prefer network probes for similar reasons. That's why probes are an integral part of the Utirnaco Lawful Interception Management System (Utimaco LIMSTM) and of the Utimaco Data Retention Suite (Utimaco DRSTM).
Management by Mediation by Utimaco LlMS Utimaco LlMS
Management Interface l nterface
Network Link
LlMS Access Points for IP services cost-effective probes for single IP services like e-mail, VolP, AAA, SMS, MMS
LlMS Access Points DPI Deep Packet Inspection Probes for 1 Gb to 10Gb Ethernet networks
LlMS Access Points TDM Probes for circuit-switched networks based on EI/TI, SDHISONET (STM-1 to STM-4)
LlMS Access Points are centrally controlled by the Utimaco LlMS and Utimaco DRS. All data intercepted by the probes are encrypted and protected from unauthorized access. Before data is handed over to law enforcement agencies it is mediated to comply with international LI standards.
Utimaco LlMS Access Points
supported services ana protocols
Deep Packet lnspection Deep Packet lnspection (DPI) is the name of a state-of-the- art technology designed to meet some of the key challenges relating to the plethora of IP-based communication services. , The ever-growing number of lnternet applications and , + Networking protocols IP-based protocols make it hard for law enforcement agen- j IPv4, IPv6, TCP, UDP, Ethernet, EtherlP, cies (LEAS) and communication service providers to identify FTP, HTTP 'bad guys' or criminals on the net and to analyze their com- + Tunneling protocols munications for the purpose of criminal investigations and MPLS, GRE, LZTP, PPP, PPTP, GTP prevention of terrorism. + AAA protocols Utimaco LlMS Access Points implement DPI technology not RADIUS, DHCP only to filter individual IP packets but also to decode and + E-Mail analyze complete communications flows of more than POP3, SMTP, IMAP, MAP1 300 different lnternet applications. The probes can either extract only the metadata (e.g. source ID, destination ID, IP + Webmail addresses, port numbers, timestamps) or intercept entire Yahoo mail, Microsoft Hotmail, google mail, communication sessions. Intercept targets can be identi- Maktoob, OWA fied by a range of application specific user IDs, device IDs, + VolP network addresses or by keywords. SIP, RTP, H.323, SCCP
Utimaco offers a variety of carrier-grade probes for + Signaling different networks and services. Customers can select SIGTRAN, MTP, MAP, SCCP, RANAP from a range of LlMS Access Points according to their + and many more lnternet applications actual needs for performance, protocol support and scalability.
Utirnam LlMS Access Points
LlMS Access Points are designed for non-intrusive monitor- ing without alerting subscribers or disrupting the service. The probes can be seamlessly integrated into networks of various kinds, such as broadband access networks, IP core networks, or lnternet exchange networks. Common network access techniques such as passive taps (splitters) or switch span ports help ensure that there is no outgoing traffic from the IP probe back to the network.
Keeping Pase with New Types of Traffic lnternet applications are constantly evolving. Regularly, new communications applications appear on the lnternet and established application protocols are modified. So customers must be prepared to keep pace with this evolution. To this end, Utimaco provides support plans that give customers access to quarterly protocol updates and new protocol plug- ins. Such plug-ins can also be customized according to individual customer needs.
Core Network r d
l
I
Utimaco LIMS Access Points
LlMS Access Points DPI Realtime Monitoring of IP Networks
Deep Packet Inspection In contrast to many other network probes, Utimaco LlMS Access Points do not just filter IP packet headers on well- known ports but reassemble complete IP flows in order to analyze the header fields and the content of more than 300 IP-based protocols and lnternet applications. By carrying out semantic analysis, the LlMS Access Point can track control connections that induce dynamically negotiated connections on temporary ports such as passive FTP, VolP or full multi- media conferencing streams, gnutella or BitTorrent peer-to- peer traffic and instant messaging, and is able to automatic- ally decode complex encapsulation tunnels.
Models
Lawful Interception and Data Retention Utimaco LlMS Access Points are fully integrated in the Uti- maco LlMS (Lawful lnterception Management System) and Utimaco DRS (Data Retention Suite). Intercept targets can be provisioned centrally in LlMS and will then be distributed to all connected LlMS Access Points for interception. For data retention purposes the probes can generate IPDRs (IP data records, or metadata) for all IP services or for those of specific interest. These IPDRs are sent to the Utimaco DRS for further processing and storage.
LlMS Access Point DPI 1 G + 4x1 Gb Ethernet (fiber or copper) + up to 800kpps + HW accelerated data aquisition + Multi-protocol support
LlMS Access Point DPI 10G + up to 4xlOGb Ethernet (fiber or copper) + up to 4,000kpps
r + HW accelerated data aquisition + stackable + Multi-protocol support
Utimam LlMS Access Points
High-speed Monitoring Interception of Ongoing Ses Utimaco offers a range of probe models to meet customer LIMS Access Points keep track of all online users authenti- requirements in terms of performance, capacity, and price. cated via the DHCP, RADIUS, or GTP protocol. This feature There are small appliances with a 100/1000 Mbit interface and enables intercepts to start immediately, even if a target user single protocol support as well as blade-server systems with has been authenticated before the intercept is activated. multiple 10 Gbit interfaces and sufficient capacity to monitor many protocols and thousands of targets simultaneously. All Updates models are designed to provide line-speed performance with As new lnternet applications emerge and communication zero packet loss. Blade systems can be expanded by means protocols change, network operators must be prepared for of additional line cards and processor cards to accommodate changes and updates. Utimaco offers support plans that qrowing network capacity. include free updates for new versions of protocols at pre-
dictable costs. Flexible Target Identific LlMS Access Points can identify targets by various kind of
"
' vailability triggers related to a certain protocol or service. A target ID Utimaco LlMS Access Points are designed to protect data can be an IP address, MAC address, user ID, device ID, SIP- from unauthorized access and to provide timely, secure URL, TEL-URI, email address, URL, MSISDN, IMSI, IMEI, delivery to the law enforcement agencies. Security features a keyword, or several other application-level IDs. A virtual include full audit trails, communication encryption, access ID manager correlates target IDs of different protocols and control, operating system hardening, automatic consistency applications in order to capture all relevant traffic associated checks and alarms. The probes are continuously monitored with a certain intercept target. For instance, a MAC address by the Utimaco LIMS or Utimaco DRS system and can sup- monitored in the DHCP traffic can be automatically corre- port redundancy concepts with hot-standby functionality. lated to the associated IP address to capture all IP traffic, a SIP-URI can be mapped to an IP address to capture all RTP traffic, or an instant messaging login can be mapped Utimaco LlMS mediates and delivers intercepted commu- to the IP address to intercept all IP traffic to and from such nications in compliance with ETSl standards, CALEA, and a target. For investigators, this feature represents a great other national lawful interception mandates. Utimaco DRS new tool for identifying the communications of a person retains the data generated by the LlMS Access Points and under surveillance even when the information available for provides controlled access to such data in accordance with identification is limited. national data protection and data retention laws.
Utimaco LlMS Access Points
Monitoring Telephony Networks Circuit-switched connections are still widely deployed in of switching systems or replace the integrated interception modern telecom networks to carry telephone calls, fax or SMS functionality of switches entirely. messages. When monitoring a standard PSTN network or a 2G or 3G cellular network for interception purposes, passive Utimaco LlMS Access Points can be deployed at various probes offer a worthwhile alternative to on-switch intercep- positions in a network for monitoring both signaling and tion. Probes can either enhance the interception capabilities media. The probes associate the signaling to the bearer
traffic and then acquire the targeted call data and usage
+ Highly scalable from one to thousands of circuits, up to 100,000 simultaneous targets
+ 100% transparent no impact on existing network links
+ Mass intercept monitors all calls and messages and generates CDRs
+ Standards-compliant ETSl conform hand-over via ISDN or IP
information. All intercepted data are mediated by the Uti- maco LlMS before they are delivered to the law enforcement agency over standardized interfaces.
Alternatively or in addition, the same LlMS Access Points used for targeted interception can also generate call detail records (CDR) for all communications session. The CDRs can be collected by the Utimaco DRS for long-term reten- tion and further analysis.
Utimaco LlMS Access Paints
Utimaco LlMS I Law Enforcement Agency
MSISDN. I IMSI, IMEI) I L
LlMS
H12 (DF2:IRI)
Point TDM H13 (DF3 CC)
Monitoring Center
Access Network Access Network
Utimaw LlMS Access Points
LlMS Access Points TDM Realtime Monitoring of Circuit-Switched Networks
Communications Interception and Data Retention The LlMS Access Point TDM supports the interception of signaling, content and location data of telephony calls, SMS messages and faxes on a wide range of networks: + PSTN + GSM + UMTS + CDMAone, CDMA2000 The probes are fully integrated in the Utimaco LlMS and DRS, where intercepted data is mediated and retained.
Target Identification The LlMS Access Point is capable of correlating different iden- tities of a single subscriber, even over multiple interfaces. Each probe tracks in realtime all occurrences of MSISDNs, IMSI, MSRN, IMEI, and TMSI. This allows the probe to acquire all data related to a target by just defining one of its identities.
Content Analysis Realtime monitoring with the LlMS Access Point is not restric- ted to signaling only. The probe can also detect and extract DTMF tones, CAS tones (C5, R2), and faxlmodem calls from bearer channels. The integrated CIC mapping technology assures accurate automatic correlation between signaling and bearer channels.
Interface Support Elm1
+ SDHISONET (STM-1 lOC3, STM-410C-12) 4 1 G Ethernet (1 000Base-T)
Protocol Supyon + SS7 ISUPrTUP (incl. country specific implementations) 4 ISDN PRI, C5, R2, DTMF, faxlmodem + GSMICDMA A-Interface, Abis-Interface + UMTS luCS, IuPS, RANAP + ATM, HDLC, TCPIIP + SIGTRAN, SMPP
Performance Figures + Scalable to monitor up to 16,000 TDM connections
in realtime + Supports up to 100,000 concurrent targets
Hardware Platforms + Server: l U 19" rack mount
11 01230V AC power, redundant CE, FCC, UL compliant
+ Chassis: 2U 19" rack mount W/ 3 cPCl slots or 5U 19" rack mount W/ 8x cPCl slots
11 01230V AC power, -48V DC power, redundant CE, FCC, UL compliant
+ Switch: l U 19" Ethernet switch 1011 0011 000 Base-T
1101230V AC power, FCC, CE compliant
Standards + ETSl TS 101 671 (TDM delivery) + ETSI TS 102 232-1, TS 102 232-6 (IP delivery)
Utimaco LlMS Access Points
Models
I:' i ::
LlMS Access Point TDM-M + up to 32 X E l r r l (duplex) or + up to 2 X STM-1 (duplex) + 2x1 Gb Ethernet (copper) + 1 U server + 2U cPCl chassis
LlMS Access Point TDM-L + up to 64 X Elm1 (duplex) or + up to 4 X STM-IISTM-4 (duplex) + 2x1 Gb Ethernet (copper) + 1 U server + 2U cPCl chassis
utimaco" a member of the Sophos Group
For more information on the Utimaco LlMS and Utirnaco DRS, please visit:
www.utirnaco.cornllirns
Utimaco Safeware AG GerrnanusstraRe 4 52080Aachen Germany Phone +49 (0) 241-16 96-0 [email protected]
Utimaco Safeware Partner:
Copyright Information Copyright O 1994-2011 - Utimaco Safeware AG - a member of the Sophos group, September 2011 Utimaco LIMSm, Utimaco DRSTM Utimaco LlMS and Utimaco DRS are trademarks of Utimaco Safeware AG. All other named trademarks are trademarks of the particular copyright holder Specifications are subject to change without notice.
Utimaco DRS TM Data Retention Suite
Automated Data Retention for Telecommunications Service Providers
utimaco" a member of the Sophos Group
Utimaco DRSw
Data Retention Data Retention has become a buzzword in intense debates between data protectors and law makers over the last few years. It refers to the process of storing call detail records and subscriber data for various telecommunication services for a period of several months and years. Law enforcement agencies and intelligence services regard the access to retained telecom data as an important pillar of criminal investigation and the prevention of terrorism. The common objective is to use the data to identify and trace suspects, uncover social networks among terrorists, or to collect admissible evidence for court proceedings.
Many countries around the world have passed laws that stipulate the authority of police and intelligence agencies and the responsibility of service providers. In Europe, for instance, the EU directive 20061241EC was introduced in March 2006 as a response to the coordinated terror attacks in Madrid 2004 and London 2005. The directive has led to harmonized laws within EU member states that oblige tele- com operators and lnternet service providers to retain call detail records and subscriber data for a period between six to twenty-four months, and to respond to inquiries by law enforcement agencies without undue delay.
For telecom operators and lSPs this means they need to make an additional investment in support systems that enable them to comply with these new laws. Clearly, it is not sufficient to simply extend the retention period of bill- ing records as the laws and regulations require additional data to be stored, such as unsuccessful calls and e-mail records. Depending on the size and type of operator there are millions to billions of records to be stored every day and operators must be prepared to respond to hundreds to thousands of inquiries per day.
Utimaco has addressed these new needs and challenges with the introduction of a purpose-built solution for telecom data retention: the Utimaco DRS. This system is based on the experience and technology of our world-leading lawful interception system, the Utimaco LIMS, which is deployed among telecom operators in more than sixty countries around the world.
Challenges for Operators
+ Store millions to billions of records per day of data generated at various sources in the network
+ Handle hundreds to thousands of inquiries by law enforcement agencies per day
+ Respond without undue delay (near-real-time)
+ Maintain high security to protect data
+ Be prepared for changes in range of service and network infrastructures
Utimaco DRSTM
Utimaco DRS TM
A carrier-grade data retention solution
The Utimaco DRS (Data Retention Suite) has been designed as a carrier-grade system to enable fast and secure access to retained data by authorized agencies. It enables network operators and lnternet service providers to easily comply with recent telecom regulations for data retention.
System architecture The Data Retention Suite consists of a set of software modules that run on broadly-available X64 servers with Oracle Solaris OS. The frontend component, the DRS Management Server, enables user-friendly access to all administrator and operator functions via a secured web
application. It also provides electronic interfaces to law enforcement agencies via fax, e-mail, or IP interfaces (ETSI RDHI). The backend components of the Utimaco DRS include the DRS Backend Server, one or many DRS Collection Devices, and a powerful data warehouse opti- mized for rapid search and massive data analysis. The DRS Backend Server is the core of the entire system as it imple- ments the business logic encapsulated in a well protected server. The DRS Collection Devices provide the service- and vendor-specific interfaces to the various network nodes that generate CDR records and keep subscriber and location data.
timaco Data Retention Suit
DRS Collection Devices
.1. - HI-B 3
Data Analysis
Law Enforcernenl Aeency
.
Handover Interface
I " " - - Medlat~on CDR Router Lmtton Subscnber
System Sewer Database
Figure 1 : Utirnaco DRS System Architecture
Utimaco DRSm
Key ~tures Collects communications data (CDR, IPDR) and sub- scriber data from any telecommunications network
* Retains large amounts of data in a powerful and secure data warehouse Provides very fast search and analytics in billions of data records Automates request processing and delivers data to authorized agencies by fax, e-mail, or secure IP inter- faces
The Utimaco DRS addresses all aspects of telecom data retention and has been designed to provide the following benefits to network operators, service providers, and law enforcement agencies:
Cost-ef. I + The Utimaco DRS minimizes operational costs by
automating warrant management and electronic delivery of search results.
+ Broadly-available servers deliver optimum price- performance ratio for telecom operators of any size.
+ Multi-tenancy support reduces capital expenses for multi-provider and multi-country networks and enables outsourced business models.
+ The state-of-the-art data warehouse architecture compresses all retained data and thus minimizes storage costs and enhances search performance.
+ One-stop shopping - Utimaco delivers a full turn- key solution with all required hardware, software and services.
+ The Utimaco DRS has been designed for seamless integration into existing networks, making use of available CDR mediation systems and customer databases.
4 The Utimaco DRS is a purpose-built solution that reduces the risk of non-compliance to data reten- tion obligations.
+ Highest security standards guarantee data protec- tion and prevent misuse by unauthorized persons.
+ Automated workflows help operators balance bet- ween data protection laws and obligations to sup- port LEAS.
4 The Utimaco DRS enables operators to handle thousands of requests per day and is fully compli- ant with the latest ETSl standards for retained data.
-he Utimaco DRS is a future-proof investment that is continuously being improved in accordance with the latest regulatory requirements.
+ The modular architecture of the Utimaco DRS's software and hardware system facilitates techno- logy changes in the telecom network at predictable costs.
+ The Utimaco DRS enables full retention of tele- phony, e-mail, lnternet access, and subscriber data and can be extended for other communication services or by data from other sources, such as financial transaction systems or toll systems.
+ Server redundancy, RAID storage, and process monitoring are integral concepts to maximize service availability and to prevent data loss.
+ The Utimaco DRS can scale with data volumes from a few million to billions of data records and customers can easily extend their installation as capacity and performance needs grow.
+ Utimaco has over 16 years of experience in lawful interception and has proven technologies that have been developed for the Utimaco Lawful Inter- ception Management System.
Utimaco DRSTM
Seamless System Integration Rather than replacing existing equipment, the Utimaco DRS has been optimized for seamless integration into existing OSSIBSS infrastructures, thereby reducing total cost of owner- ship. The solution supports different methods and data formats to access CDRs and subscriber details at various sources in the network.
Import to the data warehouse CDRs generated by different networks nodes can be loaded into the Utimaco DRS internal data warehouse at a very high speed (up to 100,000 records per second, per server). The system simultaneously supports multiple CDR sources for tele-phony, messaging, e-mail, and lnternet Access. Other services can be added on request.
During the data acquisition process all CDRs are filtered, integrated, and normalized to a uniform data for- mat before they are stored in the encrypted database. The organization of the data in the DRS data warehouse differs significantly from common relational databases. DRS arranges the data by column rather than by line, which in effect means that all tables are automatically indexed, but without the overhead (storage, management and tuning) that is associated with traditional approaches to indexing. Columnar storage also means that much more
effective compression algorithms can be applied to the data so that storage requirements are reduced even further. As a result of these and other features, query performance will on average improve by several orders of magnitude when compared to row-based database solutions.
The purpose-built data organization in the Utimaco DRS further removes the need for a multi-tier archive with different partitions for fast access and long-term storage. With the DRS all data records can be kept in one archive while providing average query times of just a few seconds even for complex searches in billions of records.
bnline access to databases When certain data to be retained are already available in databases or in information systems of the network operator, and can be accessed via common application interfaces, these data do not necessary need to be copied into the DRS data warehouse. Instead the storage system can be con- figured for online access at query time. This approach saves redundant data keeping and reduces costs.
Law enforcement agencies can connect to Utimaco DRS systems in various ways depending on the technical capa- bilities and configurations and on national regulations.
Utimaco DRSm
There are handover interfaces for fax, e-mail, and for VPN connections in accordance with the ETSI retained data handover interface (ETSI RDHI).
The Utimaco DRS system can be flexibly configured for different deployment options and business models. It can be installed and operated by a service provider who exe-
cutes the search requests on behalf of an authorized law enforcement agency, or, alternatively it can be installed at a trusted third party with direct IP connections to the data sources. One DRS management system can ad- minister and segregate many different networks to enable managed service models, support MVNOs, and multinatio- nal DR solutions.
Utimaco Data Retention Suite
Data Storage Warrant Collection Management Management Function 1 Function 1 Function
Data
Telecam Sew~ce Law Enforcement Plovtder Agency
I L
Internal Interfaces
Network Nodes
I Data Analys~s
Data Collection U
Request Management & Storage & Reporting
Figure 2: Data Retention Functional Model
Warrant
+ Report
Handover Interface
Optimizing Workflows
Automation of workflows from the receipt of data requests from law enforcement agencies to the delivery of reports is an integral concept of the Utimaco DRS solution. The system can receive requests and warrant documents either by fax, e-mail, or ETSl RDHl (Retained Data Handover Interface). An incoming request will appear as a new war- rant in the inbox of the operator screen. Where possible, all request details are imported in the warrant form auto- matically. After a short validation the database query can be started with just a few mouse clicks. The results will be available within seconds, ready for automatic or manual delivery.
All internal workflows are protected by a number of state-of- the-art security measures to assure compliance to privacy laws by means of access control, encryption, integrity checks, and full audit trails. The integrated user management system allows for fine-grained definition of access rights to various functions and data sources. All system data, i.e. CDRs, subscriber data, configuration data, log files, warrants and request details, are kept in encrypted data- bases. And, detailed logging of all user and system events prevents misuse and enables security audits.
If warrants come in as a letter or fax, pre-defined report forms assist operators to quickly translate the request into executable database queries. The results can be export- ed in different formats like *.pdf or *.csv tiles. The query and reporting system of the Utimaco DRS can be easily extended to support country or customer specific demands.
Utimaco DRS - Specifications Few + Collects communications data (CDR, IPDR) and sub-
scriber data from any telecommunications network + Retains large amounts of data in a powerful and secure
data warehouse + Provides very fast search and analytics in billions of
data records + Automates request processing and delivers data to
authorized agencies by fax, e-mail, or secure IP inter- faces
+ Seamless Integration The Utimaco DRS has been designed for seamless integration into existing multi-vendor and multi-service networks. The solution can be customized easily to interface with CDRJIPDR systems, log files, subscriber databases. and other network nodes.
+ Multi-tenancy One Utimaco DRS system can be used to administer war-rants and search requests for multiple network operators and service providers. The granular rights management system of Utimaco DRS can be config- ured to securely segregate between networks, users, and authorities and thus supports various business models like MVNO models, managed services, or cross-border service platforms.
+ High Performance & Capacity The Utimaco DRS has been optimized for simultaneous loading of massive data volumes and fast query pro- cessing. The system can ingest several billion data records per day, supporting the transaction rates gene- rated by large telecommunications networks with mil- lions of subscribers. Average query results are returned in seconds not minutes.
+ Strong Security Comprehensive security features like role-based access control, encryption, and integrity checks prevent unauthorized access and manipulation of sensitive data during storage and handover. Full audit trails are main- tained for all system and user events to provide full accountability for evidential quality.
+ Cost-efficiency The Utimaco DRS runs on broadly available and cost- efficient X64 servers and uses standard SASISATA disks arranged in RAID-5 arrays. This together with excellent data compression rates keeps hardware ex- penses to the absolutely minimum.
+ Standards-based The Utimaco DRS is fully compliant with latest ETSl re- quirements in support of the European Data Retention Directive 2006124lEC.
Iracle X64 servers + Various configuration options from single server-
appliances to multi-server clusters + Integrated disk storage (up to 12TB) + External SAN from 6TB to 1000TB (RAID-115) + Oracle Solaris 10 Operating System + Sybase IQ data warehouse + CE marked, FCC compliant, ROHS
"-vices r 9STN telephony + Mobile telephony & data (GSM, UMTS, CDMA) + Mobile Messaging (SMS, MMS) + lnternet Access (DSL, cable, Wimax, WLAN) + VolP, Push-to-Talk + E-Mail, Webmail + Other services on request
Sranular user rights management + Remote access via https (password, certificate) + Detailed audit trails + Encrypted storage and handover + Hardened operating system
.oads up to 100,000 records per second (on one server)
+ Average search performance: 5 sec per l000 query results
!U Directive 2006lECl24 + High-availability Server redundancy, RAID-11-5 data mirroring, and + ETSl TS 102 656 real-time system monitoring are integral concepts of + ETSl TS 102 657 the Utimaco DRS to satisfy the highest availability demands and disaster resilience.
Utimaco DRSTM
About Utimaco For more than 25 years Utimaco has been a leading global provider of data security solutions. Since 1 July 2009 Utimaco Safeware AG has been part of the Sophos Group, a world leader in IT security and data protection with headquarters in Boston, US and Oxford, UK. While Utimaco data security products are now distributed by Sophos, the business units "Lawful Interception & Monitoring Solutions" and "Hardware Security Module" form Utimaco's operating businesses. Utimaco currently employs a staff of 160+.
Since 1994 Utimaco has been providing lawful intercep- tion systems for mobile and fixed network operators and lnternet service providers. The Utimaco Data Retention Suite was introduced in response to the EU directive 20061241EC and at the request of telecom customers for integrated lawful interception and data retention solutions. With more than 180 installations in about 70 countries, Utimaco is a global supplier of leading-edge technology in the LI and DR market.
g team The Utimaco LlMS and the Utimaco DRS have been devel- oped by a team of telecom professionals with more than 16 years of working experience in this field. At Utimaco, more than 55% of our professionals are exclusively involved in product development and customer service. The Utimaco LlMS team is committed to ongoing investment in product research and development to provide all of our customers with the very best-of-breed solution.
. . . and a strong partner We build relationships with our partners that go far be- yond the normal vendor-client relationship and are based on trust, honesty, reliability and openness. We provide products, support, and training that contribute significantly to the technical work and business prosperity of our part- ners and customers. We are responsive to the needs of our customers in product design, technical support, and customer service. We provide exceptional value and a level of personalized service which set a new standard in our industry, a standard with which our competitors must measure themselves. These are the reasons why many of the leading telecom infrastructure suppliers worldwide rely on products and solutions developed by Utimaco Safeware AG.
- .a-- -m#& 1 - --U - - -.-- - . - . l . l l S r r - D I w w -..M__ - -8 - .-P , a r - I n w-.---r - _1_1dl"(UY. blA -#E Irs-IRW~=IVWYII.. - -a+-, - 2 4 7-G i-.L.L* - A* .I. W U X C .L li. &- - 4 . . .- . .- =L>-- .
4-F I L ' * L C I . -.- - , 8 - -
. - L W = - I L - B I B C N I - I 3 . .- - r r
- * * v - -.me 7 - v--- T
-L . .. m* -L L err;. t ..,"I I Pi P
--,C I,. I 3 ..%I -.m .m -.=S R.. .- -.- --A--.? - - -:WA-
nv*' .l .,ruu -- 3-
-----L- . - < - : -1: h.---=.. - -1 I I *-.
:, A=%-.- I LT-- --m,.ar 22 ., -,I..*- .-- -
m . " 8 . P . 7 , = 7 : -- -: -
I .. _.- I - . , - , , A ,-:- -l.. . - -
U timaco" a member of the Sophos Group
Utimaco Safeware AG GermanusstralJe 4 52080Aachen Germany Phone +49 (0) 241 -1 6 96-0 [email protected]
Utimaco Safeware Partner:
Copyright information Copyright O 1994-2011 - Utimaco Safeware AG - a member of the Sophos group, September 2011 Utimaco DRSm Utimaw DRS is a trademark of Utimaw Safeware AG. All other named trademarks are trademarks of the particular copyright holder. Specifications are subject to change without notice.