With a tremendous surge in mobile data usage and shift in telecom industry from voice to data, all service providers are moving towards an all IP network that delivers voice, data, video and mobile applications.
Therefore to safeguard public from threats like cyber-crime, cyber bullying, cyber terrorism etc. and to help LEAs with their investigations, Regulatory Authorities across globe have recommend TSPs/ISPs to gather traffic information of their users which may help LEAs with their investigations, if needed. Tracing IP addresses to their devices and their actual users can be very detrimental in investigating and fighting modern day crimes. In current scenario, with everyone leaving a digital footprint finding the source IP address, TCP port number, date and time of session can lead to criminals. Therefore, service providers need an IP Log Management system in their network which complied with Government Norms by gathering and managing the online logs of the subscribers as per Govt. Regulation, and help provide the data which can become the building block of LEAs’ investigations.
iSecureHL - Introduction
PertSol iSecureHL is a fully automated solution that offers consistent and high-quality IP Logs across operator’s network domains. It is a web-based system which fetches data from various sources like Internet Traffic, GTP traffic, CGNAT Logs, AAA traffic etc. and stores them in the form of IPDR. It helps telecom CSPs and LEAs in protecting the public against cybercrimes by providing IPDRs.
iSecureHL in combination with PertSol iNteliProbe deliver the most comprehensive monitoring solutions. It can simultaneously monitor Internet Traffic for control plane and User plane. Packets can be captured via interface cards that support 10G, 40G, 100G interface. It is also capable of decoding captured traffic from layer 2 to layer 7.
‣ Generating and storing all IPDRs into a single platform and meet the Regulator’s requirements.
‣ Capturing details of destination IP address as per Regulator’s requirement.
‣ Building IPDRs through correlation of NetFlow data along with IP Data Records generated through packet data capture probe.
‣ Correlating IPDRs with NAT records, to provide complete mapping of Source IP Addresses with translated IP Addresses.
‣ Extracting IPDRs based on key parameters like MSISDN, IMSI, IMEI, Source IP Address and Destination IP Address.
‣ Probing and Decoding Layer 2 to Layer 7 Traffic.
PertSol iSecureHL is an integrated automated tool for data collection, correlation and data management. Each of its functions are performed separately by the following modules:
Data Management (DM)
On presentation layer generated event and alarm are tracked and reports & dashboard are generated
‣ Tracking & Monitoring UI
‣ Dashboard & Report
‣ Disclosure Management
‣ Interface & Integration
Data Retention (DR)
Automate the storage of collected Data with retention policies to make it available online or offline as per need and event co-relation.
‣ Data Identification
‣ Data Retention Policy
‣ Data Encryption & Decryption
Event Correlation (EC)
EC module aggregates data from the DC Module and
correlates events & data from different sources
to form IPDRs to generates alarm.
‣ Event Correlation
‣ Alarm Generation
Data Collection (DC)
Automate the data collection & normalization, tapped
through either optical probe or log files of switch or applications
across distributed architecture of hosts and systems.
‣ Data Interface
‣ Data Loading
‣ Data Normalization & Transformation
iSecureHL – Key Features
Advance Search Query – It provides for search based on MSISDN, IMEI, IMSI, Cell IDs (all that are used in session), Translated IP, Translated Port, Destination IP, Destination Port, Date and time. Multiple inputs are allowed for each of the parameter wherein we support query of multiple MSISDN/IMSI/IMEI, Source IP, Cell-ID, Destination IP, Source Port, Destination Port by entering comma separated values.
Remote Query Access for LEAs – It has a centralized management system using which all Law enforcement Agencies (LEAs) can query the IPDRs for their investigation. The Lawful Enforcement Agency (Government Agent) can perform Secured. LEAs can run an IPDR query using any of the following methods:
‣ E-Warrant XML based Interface ‣ API Integration ‣ iSecureHL GUI
‣ CLI ‣ SMS ‣ Email
Interoperability and Interfacing – iSecureHL can support interoperability with network elements of all the leading Network Element Providers of the world, to process their CDR records. It supports all the interfaces required by operators for the interoperability of IPDR system with the various third party systems.
Data Compression – iSecureHL compresses IPDR by a factor of 20 before storing them for long term retrieval. It uses multiple level of compressions like Field level de-duplication, Pattern level de-duplication Algorithmic compression and Byte level compression.
File System – iSecureHL has an intelligent file system that enables enhanced features for processed file to protect highly sensitive data and supports optimum storage capacity.
Security – All internal workflows are protected by a number of state-of the-art security measures to assure compliance to privacy laws by means of access control, encryption, integrity checks, and full audit trails. All system data, i.e., CDRs, subscriber data, configuration data, log files, warrants and request details, are kept in encrypted databases. Detailed logging of all user and system events prevent misuse and enable security audits.
iSecureHL is capable of delivering IPDRs with all the fields that are asked by the regulators across the world. It provides more around 38 IPDR fields and does not depend upon any third party data sets to generate IPDRs. Some of the IP fields that it delivers are:
|S.No.||IPDR Field||Network Element|
|1||Mobile Subscriber Integrated Digital Network Number (MSISDN)||PGW/GGSN|
|2||International Mobile Subscriber Identity (IMSI)||PGW/GGSN|
|3||International Mobile Equipment Identity (IMEI/ESN)||PGW/GGSN|
|5||Mobile Country Code (MCC)||PGW/GGSN|
|6||Mobile Network Code (MNC)||PGW/GGSN|
|7||Location Area Code (LAC)||PGW/GGSN|
|9||eUTRAN Cell Global Identity (eCGI)||PGW/GGSN|