Documentos de Académico
Documentos de Profesional
Documentos de Cultura
CEO DATAKOM/GTEN
2007 GTEN
DATAKOM
(Mother Company of GTEN)
www.datakom.de
2007 GTEN
1997
Development of the
G10-LI - Technology
Mediation between Carriers,
Ministries, BNetzA and LEAs
1986 founding of
DATAKOM
2007 GTEN
Why ?
2007 GTEN
2007 GTEN
Protection Houses
2007 GTEN
And others:
Like DATAKOM
2007 GTEN
Windmills
2007 GTEN
DATAKOM History
1986
1988
Start of DATAKOM-Academy
2000
Until today
more than 10 000 Installation from
2007 GTEN
1997
Foundation
of DATAKOM
GmbH
Extensive
experience in
the protocol/
performance
analysis of
data/voice
networks
Basic
development
of GTEN
technology
2002
Contract with
Telefonica
GTEN becomes
full voting
member of
ETSI
GTEN New
solution
approved
according to
BNetzA and
Dutch TIIT
Mediation
between
carriers,
ministries,
BNetzA and
LEAs
2003
Two large IP
monitoring
systems
deployed in
North Africa
and Middle East
VoIP LI solution
certified by
RegTP
1999
Contract with
Mannesmann,
ARCOR,
Deutsche
Telekom and
o.tel.o
Initial
certification of
LI solution by
BMWi
2004
Introduction
of ATM
Interceptor
Start of
development of
email solution
2000
Foundation
of GTEN AG
Contract with
Viag Interkom
(later on
BTIgnite)
Investment
backer was
obtained in
the form of
Wellington
Partners
2001
Transfer of
technology,
patent rights
and customer
contracts
Enhancement
of existing
GTEN solution
towards IP
applications
2005/6
Email solution
certified by RegTP
Contracts with
Easynet, KEVAG
and DIG
Enhancements with
existing
Customer
Development
new Product
Strategy
Cleaning up
Partner Selection
2007 GTEN
Clean Bandwith
Concept
10
IP Data
Services
Data
Video
Voice
3G
Data
Video
Voice
Wireless
Applications
Applications
IMS
IMS
11
12
Voice Services
Voice
Applications
Enterprise Data
Data
Services
Consumer Data
Internet
Access
OSS/BSS
Integration
OSS/BSS
Integration
OSS/BSS
Integration
PSTN
Packet
Broadband
/ Wireless
NGSP
Apps
ASP
Apps
Content
Apps
Common Services
Infrastructure
Intelligent IP
Transport
OA&M
OA&M
Costly
Slow to Market
Closed
One-size-fits-all
2007 GTEN
OA&M
OA&M
Focus of
differentiation
Efficient
Rapid Response
Open
Personalized
13
Market Conditions
Networking Focused Increasingly on the Content
Worms, Content (for LI)
User Conversations
MAC Header
IP Header
TCP
Payload
MAC Header
IP Header
TCP
Payload
MAC Header
IP Header
TCP
Payload
MAC Header
IP Header
TCP
Payload
20 Bytes
48 - 8,192 Bytes
Switch
Router
Firewalls
2007 GTEN
20 Bytes
IP Header
TCP
Payload
14
Market Conditions
Technology Challenges
2007 GTEN
15
2007 GTEN
Dell!Oro predicts that over the next five years 23 million 10GbE ports
will ship, worth $14bn
16
2007 GTEN
17
*
TC LI (Technical Comitee LI)
*
DTR/LI-00014 Lawful Interception of WLAN Internet Access
Beschreibt die Interception Domain und die Ausleitung von Wireless Internet. Wird voraussichtlich in 2006 herausgebracht.
*
DTR/LI-00020 Data Handover Architecture
Beschreibt die Architektur fr die Ausleitung von Daten (EU Data Retention Act). Wird voraussichtlich in 2006 herausgebraucht.
*
DTS/LI-00024 Lawful Interception;
Service specific details for IP Multimedia Services Spezifikation fr das Handover von Voice und sonstigen multimedialen Diensten in
paketvermittelten Netzen (mit und ohne IMS). Wird voraussichtlich in 2006 herausgebraucht.
*
DTR/LI-00025 Lawful Interception;
Architecture for IP Networks within a Communincation Service Provider's domain Beschreibt die Architektur fr fr LI in paketvermittelteten
Netzen. Wird voraussichtlich in 2006 herausgebraucht.
*
DTS/LI-00030 Lawful Interception;
Service specific details for PSTN Emulation Services (PES) Spezifiziert die Ausleitung von Daten aus multimedialen Netzen, die PSTN
Emulation System Eigenschaften besitzen (legacy TDM). Wird voraussichtlich in 2006 herausgebraucht.
*
TISPAN LI
(Technical Committee - The harmonisation of IP Network Architectures)
*
DTS/07013
Telecoms & Internet converged Services & Protocols
for Advanced Networks (TISPAN);
Spezifiziert wird der sog. Point of Interception fr NGN Netze. Fr das Handover wird auf die Dokumente TS 102 232 und 133.108 verwiesen.
Wird voraussichtlich ende 2006 herausgebraucht.
*
Bereits verffentliche Standards, die erweitert werden (Work Items)
Standards, die bereits herausgebracht und von europischen Staaten adaptiert sind.
*
TS 101 671
2007 GTEN
18
List continued
LI in Breitband Kabelfernsehen Hybrid Fibre/Coaxial (HFC) Datennetzen. Die Spezifikationen beschreiben die Ausleitung von Telefonie und
Daten. Diese Spezifikation wird schon europaweit von Regulierungsbehrden adaptiert.
*
TS 101 331 Telecommunications security;
Lawful Interception; Requirements of Law Enforcement Agencies Die Anforderungen fr die Behrden. Das Dokument wird regelmig an
die zu bercksichtigenden Gegebenheiten angepat. Diese Spezifikation wird schon europaweit von Regulierungsbehrden adaptiert.
*
3GPP
*
133.108 UMTS 3G Security;
2007 GTEN
Handover interface for the lawful interception of telecommunications traffic Erweiterungen fr PES und PSS sind in Arbeit. Wird
verraussichtlich in 2006 fertig. Diese Spezifikation wird schon europaweit von Regulierungsbehrden adaptiert.
*
TS 102 232
*
19
2007 GTEN
20
2007 GTEN
LI Data
Processing
Filter
Filter
Data
Collection
Data
Collection
X.25
LEA 1
X.25
ISDN
LEMF 2
ISDN
LEMF 1
NIC
Monitor
Server
Filter
LIM
LIM
Tap
Data
Collection
LIM
LIM
Flow
Mirror
LIM
Network
LIM
Tap
LEA 2
Administration
DCFU
LEA n
Internet
LEMF n
21
Hand Shake Interfaces, designed many years ago for voice application
Level
Functional Units
GTEN Unit(s)
Operator
HI 1
Interface
Management
HI 2
Provisioning
HI 3
Delivery
Probe
Tap
Network
2007 GTEN
IP
22
Radius
Server
VoIP
Gateway
ISDN
Mail
Server
Front-end
DCFD
(TCP/IP Filter)
Monitored
Provider
AMADO
(ATM Filter)
GEMINI
(VoIP)
LI GATEWAY
Encryption
Back-end
2007 GTEN
POSEIDON
LEA
MONITORING CENTER
Mediation
Decryption
Internet
Interfaces
DAVIATH
ISDN
23
2007 GTEN
Together with a friend (Dr. Kornel Terplan) have written a book last year
describing LI Technology and Methods plus Solutions from all over the world
As a result of the gained Knowledge our new LI Technology Concept was born
24
2007 GTEN
25
2007 GTEN
26
NGSP
Apps
ASP
Apps
Content
Apps
Policy
Enforcement?
Common Services
Infrastructure
Intelligent IP
Transport
Policy
Enforcement incl..
Law Ful Interception
OA&M
2007 GTEN
27
2007 GTEN
MAC
IP Header
TCP
Payload
28
2007 GTEN
High-Speed Integrated
Sensor
Intercept
& Control
DNS Protection
Content Control
Infrastructure Protection
P2P Control
29
Market Conditions
10 Gb
GTEN
and new Technology
??
5 Gb
1 Gb
Appliances
Servers &
Server-based
Appliances
<1Gb
Single-Function
Fixed-Function
2007 GTEN
Flexible
Multi-Function
30
IP Services Control
GTEN taking care for old and new demands
Security
Service Control
L2-L7 analysis
P2P Control
Tiered Services
Transport
Aggregation
Routing
Switching
2007 GTEN
31
IP Services
Delivery Requirements
Adaptable, Scalable
Processing Resources
Interception as
part of Service
Delivery
Peer-2-Peer Ctrl
VoIP Control
Content Filter
Traffic Analysis
Access Control
Security Apps
Applying
Applying the
the development
development approach
approach from
from IT
IT software
software industry
industry to
to telecoms
telecoms
2007 GTEN
32
2007 GTEN
33
Value Proposition
2007 GTEN
34
Revenue opportunity
directly linked with pace
and number of services
rolled-out
Capex breakeven in
under 12 months for
each service
Differentiate your
business via:
! Services mix
! Ease of
deployment
2007 GTEN
35
Radius
Server
VoIP
Gateway
ISDN
Mail
Server
Front-end
DCFD
(TCP/IP Filter)
Monitored
Provider
AMADO
(ATM Filter)
GEMINI
(VoIP)
LI GATEWAY
Encryption
Back-end
2007 GTEN
POSEIDON
LEA
MONITORING CENTER
Mediation
Decryption
Internet
Interfaces
DAVIATH
ISDN
36
leased lines
BAS 2
4x GE
2x GE
2x GE
4x Rx
BAS1
2x Tx
BAS2
2x GE
2x GE
2x Rx
BAS2
4x Tx
BAS1
Dial-up
2x TX
BAS2
4x LL
4x dial
7x Aggregator GigE
1x Aggregator FE
3x GS-4000
Filtering & Target Detection
All Emails
3x POSEIDON
GE-Fiber Recording
11TB Storage
Switch
LTO-2 Archiving
Changer
2007 GTEN
Archiving-Server
ISP location
IMC location
GS-4000
Target / Filter
Administration
Storage-Server
1x exisiting
POSEIDON FE
10 x Analysis Workstations
37
Philosophy:
2007 GTEN
38
Login Screen
2007 GTEN
39
2007 GTEN
40
POSEIDON Applications
2007 GTEN
41
POSEIDON Architecture
PC Browser
Statistics Generator
Recorder
Kernel
POSEIDON
Apache WEB-Server
2007 GTEN
42
Reconstruction of IP-data
Protocols
Frame Relay, HDLC, Cisco HDLC, PPP, BayPPP, MLPPP, VLAN (ISL & IEEE
802.1q), Ethernet (IEEE 802.3), IP, ATM & IP, PoS & IP, WCP and STAC
! Ethernet
IP
UDP
ICMP
TCP
- FTP
-
HTTP
SMTP
POP3
IMAP4
TELNET
CHAT / IRC
VoIP (optional)
2007 GTEN
44
2007 GTEN
45
2007 GTEN
46
2007 GTEN
47
2007 GTEN
48
2007 GTEN
49
2007 GTEN
50
Audio / Video
Playback Buttons
2007 GTEN
51
leased lines
BAS 2
4x GE
2x GE
2x GE
4x Rx
BAS1
2x Tx
BAS2
2x GE
2x GE
2x Rx
BAS2
4x Tx
BAS1
Dial-up
2x TX
BAS2
4x LL
4x dial
7x Aggregator GigE
1x Aggregator FE
3x GS-4000
Filtering & Target Detection
All Emails
3x POSEIDON
GE-Fiber Recording
11TB Storage
Switch
LTO-2 Archiving
Changer
2007 GTEN
Archiving-Server
ISP location
IMC location
GS-4000
Target / Filter
Administration
Storage-Server
1x exisiting
POSEIDON FE
10 x Analysis Workstations
52
Access Network
Aggregation Network
S
e
r
v
I
c
e
s
10GbE
App
Server
App
Server
App
Server
Internet
Requiring 10Gbps of:
! Inspection;
! Classification; and
! Control
CIR
CIR is
is forecasting
forecasting the
the market
market for
for 10-Gbps
10-Gbps ports
ports on
on telecommunications
telecommunications
and
data
communications
equipment
will
grow
from
221,000
and data communications equipment will grow from 221,000 ports
ports in
in 2006
2006
to
1.2
million
by
2010;
Light
Reading,
Nov
2005.
to 1.2 million by 2010; Light Reading, Nov 2005.
2007 GTEN
53
3rd Party
Svc Modules &
Applications
Policy Management
DoS
Mitigation
APIs
(Soap, HTTPS, RMON, ODBC, ?)
Northbound
APIs
Service
Modules
MLS
Guard
Svc #1
Svc #2
Svc #3
System APIs
System APIs
Built-in Security
System Security
Svc #4
UTM
Content
& RegEx
Engines
Stream
Protocol
Processing
Accelerators
Accelerator
IDS
Linux-based OS
RAVE Virtual Machine
Line Rate
Execution
Resources &
Controls
VoIP
Intercept
Standards-based
Service Dev. Environment
Silicon
Database
54
2007 GTEN
55
Controlled IP Network
Selective Monitoring
Through Application
Layer Route Manipulation
Traditional IP
Traffic Mirroring
and Monitoring
56
Internet
OSS Provisioning
Aggregation
Routers
Attack Target
2007 GTEN
57
Malware Mitigation
- Web Anti-Virus (Kaspersky, etc.)
- Web Protection and IPS
- Adware, Spyware, Bots
- Email, Webmail, FTP
2007 GTEN
58
Scalable Deployments
Attack
ISP C
Traffic
AS
250
ISP E
AS 350
PeakFlow SP / MSM
Border
Routers
Flexibility
- Extensible Mitigation Techniques
- Netflow Generation
- Content Based Scrubbing
- Additional Services Capabilities
Backbone
Routers
Cleaned Traffic
CE Routers
NetFlow
NetFlowData
Data
Filter
Instructions
Filter Instructions
Sampled
SampledTraffic
Traffic
iBGP
iBGPRoute
RouteUpdate
Update
Attack Target
2007 GTEN
59
Benefits:
2007 GTEN
60
Data APIs
(Reporting / Provisioning)
DPPM
SILICON
Pattern Protocol
DATABASE Matching Engines
RAVE Application Logic
PKT
PKT
PKT
2007 GTEN
PKT
PKT
PKT
PKT
PKT
PKT
PKT
61
Voice Services
Voice
Applications
Enterprise Data
Data
Services
Consumer Data
Internet
Access
OSS/BSS
Integration
OSS/BSS
Integration
OSS/BSS
Integration
PSTN
Packet
Broadband
/ Wireless
NGSP
Apps
ASP
Apps
Content
Apps
Common Services
Infrastructure
Intelligent IP
Transport
OA&M
OA&M
Costly
Slow to Market
Closed
One-size-fits-all
2007 GTEN
OA&M
OA&M
Focus of
differentiation
Efficient
Rapid Response
Open
Personalized
62
leased lines
BAS 2
4x GE
2x GE
2x GE
4x Rx
BAS1
2x Tx
BAS2
2x GE
2x GE
2x Rx
BAS2
4x Tx
BAS1
Dial-up
2x TX
BAS2
4x LL
4x dial
7x Aggregator GigE
1x Aggregator FE
3x GS-4000
Filtering & Target Detection
All Emails
3x POSEIDON
GE-Fiber Recording
11TB Storage
Switch
LTO-2 Archiving
Changer
2007 GTEN
Archiving-Server
ISP location
IMC location
GS-4000
Target / Filter
Administration
Storage-Server
1x exisiting
POSEIDON FE
10 x Analysis Workstations
63
Question?
2007
2007
GTEN
GTEN
64
65