Re: [nznog] TICSA and lawful intercept

On 5/06/2018, at 8:42 PM, Tarus BALOG wrote:

On 06/01/2018 02:12 AM, Cameron Beattie wrote:

...

Has any progress been made on a collaborative effort to address the TICSA requirements?

I'm not sure if this will help, but we have a new project for collecting flow data from network devices. The flows are put into an Elasticsearch database and examined using Grafana.

https://wiki.opennms.org/wiki/DevProjects/Drift

This was included in last week's Horizon 22 release. This could be used to track meta-data (who is talking to whom using which protocol and transferring how much data) which I assume would help meet TICSA requirements.

No, TICSA compliance is not the nail for that hammer. Full packets are required, not flow data. -- Nathan Ward