TICSA and lawful intercept

newer
Spoofer Report for NZNOG for May...

older
ASB Bank NOC contact

Cameron Beattie

31 May 2018 31 May '18

1:12 p.m.

Has any progress been made on a collaborative effort to address the TICSA requirements? Regards Cameron

Attachments:

attachment.htm (text/html — 594 bytes)

Show replies by date

Richard Nelson

31 May 31 May

1:39 p.m.

Yes, lots. https://openli.nz On 1/06/18 6:12 PM, Cameron Beattie wrote:

...

Has any progress been made on a collaborative effort to address the TICSA requirements?

Regards

Cameron

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz https://list.waikato.ac.nz/mailman/listinfo/nznog

Hi all As the TICSA buzzword has popped up again I just wanted to add a bit to this. OpenLI are currently nearing a product that can meet our requirements as network operators under TICSA. Namely data intercepts and voice intercepts. We are working closely with the police on the compliance side of this. To be clear, the final product will be released as open source code at some stage (on your favourite Microsoft code platform ;) ) Funding for this project is still useful and can be put to good use. Orgs that fund this software get early (beta) access to the software and will have their LI requirements met where possible. You may also get direct access to the OpenLI code monkeys. At the moment we are purely being supported by private industry funding and NZIX (AKL-IX) funding. Other funding applied for was declined. You can find some fools talking about LI here from about 1:02 onwards - https://www.youtube.com/watch?v=pRXdv-CaVjA You will also likely hear more about OpenLI if you attend the NZIX AGM later this month. Cheers Dave On Fri, Jun 1, 2018 at 6:39 PM, Richard Nelson wrote:

...

Yes, lots.

https://openli.nz

On 1/06/18 6:12 PM, Cameron Beattie wrote:

Has any progress been made on a collaborative effort to address the TICSA requirements?

Regards

Cameron

Tarus BALOG

1:42 a.m.

On 06/01/2018 02:12 AM, Cameron Beattie wrote:

...

Has any progress been made on a collaborative effort to address the TICSA requirements?

I'm not sure if this will help, but we have a new project for collecting flow data from network devices. The flows are put into an Elasticsearch database and examined using Grafana. https://wiki.opennms.org/wiki/DevProjects/Drift This was included in last week's Horizon 22 release. This could be used to track meta-data (who is talking to whom using which protocol and transferring how much data) which I assume would help meet TICSA requirements. More info here: https://docs.opennms.org/opennms/branches/develop/guide-admin/guide-admin.ht... We have production systems collecting 100K flows/sec with the ability to collect up to 250K flows/sec depending on the size of the Elasticsearch cluster. Dunno if this helps but since OpenNMS is 100% free software I wanted to let folks know about it. -T -- Tarus BALOG, Maintainer Main: +1 919 533 0160 The OpenNMS Group, Inc. Fax: +1 773 345 3645 Email: tarus(a)opennms.org URL: http://www.opennms.org PGP Key Fingerprint: AFA1 DDA2 24B0 4B61 8D76 9CC7 91F4 79A0 FBF2 DC21

Nathan Ward

1:46 a.m.

...

On 5/06/2018, at 8:42 PM, Tarus BALOG wrote:

On 06/01/2018 02:12 AM, Cameron Beattie wrote:

...
Has any progress been made on a collaborative effort to address the TICSA requirements?

I'm not sure if this will help, but we have a new project for collecting flow data from network devices. The flows are put into an Elasticsearch database and examined using Grafana.

https://wiki.opennms.org/wiki/DevProjects/Drift

This was included in last week's Horizon 22 release. This could be used to track meta-data (who is talking to whom using which protocol and transferring how much data) which I assume would help meet TICSA requirements.

No, TICSA compliance is not the nail for that hammer. Full packets are required, not flow data. -- Nathan Ward

Tarus BALOG

1:51 a.m.

On 06/05/2018 02:46 PM, Nathan Ward wrote:

...

No, TICSA compliance is not the nail for that hammer.

Full packets are required, not flow data.

Got it - sorry for the noise. -T -- Tarus BALOG, Maintainer Main: +1 919 533 0160 The OpenNMS Group, Inc. Fax: +1 773 345 3645 Email: tarus(a)opennms.org URL: http://www.opennms.org PGP Key Fingerprint: AFA1 DDA2 24B0 4B61 8D76 9CC7 91F4 79A0 FBF2 DC21

Simon Allard

8:35 a.m.

You forgot the important bit 😊 "In ETSI Format" 😊

...

I'm not sure if this will help, but we have a new project for collecting flow data from network devices. The flows are put into an Elasticsearch database and examined using Grafana.

https://wiki.opennms.org/wiki/DevProjects/Drift

This was included in last week's Horizon 22 release. This could be used to track meta-data (who is talking to whom using which protocol and transferring how much data) which I assume would help meet TICSA requirements.

No, TICSA compliance is not the nail for that hammer. Full packets are required, not flow data. -- Nathan Ward Simon Allard | Development & Operations Manager D: +64 9 550 2790E: Simon.Allard(a)vocusgroup.co.nz M: +64 20 1000 790W: vocusgroup.co.nz A: Level 2, 1-7 The Strand, Takapuna 0622 _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz https://list.waikato.ac.nz/mailman/listinfo/nznog

Michael Fincham

5:03 p.m.

On Wed, 6 Jun 2018 01:35:45 +0000, Simon Allard wrote:

...

"In ETSI Format" 😊

It's probably better that one of the people more closely associated with the project talk about it in more detail, but the OpenLI Project (https://openli.nz/) is making progress. I've seen the code! I suspect the right people already follow the list so hopefully one of them can give a more official update. -- Michael

2392

Age (days ago)

2397

Last active (days ago)

List overview

Download

7 comments

7 participants

participants (7)

Cameron Beattie
Dave Mill
Michael Fincham
Nathan Ward
Richard Nelson
Simon Allard
Tarus BALOG