You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Back to Table of Contents

Back to Configuring Various Features on SBC

Back to Configuring SBC For Lawful Interception

In this section:

Related articles:

Overview

Unable to show "metadata-from": No such page "_space_variables"
acting as P-CSCF or I-BCF is configurable to intercept IMS sessions using Lawful Interception (LI)  techniques (legally sanctioned official access to private communications). This feature can also be used in non-IMS deployments to intercept audio, clear mode and fax streams.

At a high level, SBC Lawful Intercept functionality includes:

  • Support of Encapsulation mode (multimedia) for all signaling messages and media streams; Encapsulation mode signifies intercepting the received or sent signaling or media stream, by appending an header with extra information, towards the Mediation Server.
  • Support for SIP URI and DN based interception
  • Support for intercepting RTP media types such as audio, image (fax), clearmode
  • Support for intercepting any SIP signaling messages

  • Support for sending intercepted signaling messages over TCP, using an optional IPSec tunnel

 Perform these steps if not already configured in EMS. The LI license is provisioned before interception, using EMS. For more details to provision LI license, refer to EMS User Guide.

Configuring the Call Data Channel

To configure Call Data Channel (CDC), perform the following steps:

Configure CDC with IP Interface Group

% set addressContext default intercept callDataChannel CDC ipInterfaceGroupName LIG1
commit

Configuring CDC for Intercept Flavor as IMS LI

For other options of configuring the intercept flavor as IMS LI, refer to the section Configuring SBC For Lawful Interception.

% set addressContext default intercept callDataChannel CDC interceptStandard etsi vendorId verint
commit

Configuring CDC for Media Interception Over TCP

% set addressContext default intercept callDataChannel CDC mediationServer MS1 media tcp ipAddress 10.54.78.20 portNumber 65120
commit
% set addressContext default intercept callDataChannel CDC mediationServer MS1 media tcp state enabled mode inService
commit 

Mediation server’s ipInterfaceGroup must be different from other signaling ipInterface groups. This ensures that LI doesn't use signaling ipAddress to send intercepted traffic (media/signaling) towards Mediation Server.

Configuring CDC for Media Interception Over UDP

% set addressContext default intercept callDataChannel CDC mediationServer MS1 media udp ipAddress 10.54.78.20 portNumber 65200
commit
% set addressContext default intercept callDataChannel CDC mediationServer MS1 media udp state enabled mode inService
commit 

The protocolType "udp" is not supported for Signaling interception in this release.

 Configuring CDC for Signaling Interception

% set addressContext default intercept callDataChannel CDC mediationServer MS1 signaling ipAddress 10.54.78.25 portNumber 65300 protocolType tcp
commit
% set addressContext default intercept callDataChannel CDC mediationServer MS1 signaling state enabled mode inService
commit

Configuring CDC for RTCP Interception

% set addressContext default intercept callDataChannel CDC rtcpInterception enabled

The rtcpInterception parameter is visible, when interceptStandard and vendorId is configured as IMS LI

Configuring CDC for "Li Pol Dip For Regd Ood Msg"

The parameter liPolDipForRegdOodMsg when enabled is used to indicate SBC to send policy request to PSX for registered Out-Of-Dialog requests(messages) to be intercepted. When this parameter is disabled, policy request is not sent to PSX for registered Out-Of-Dialog requests (messages).

Enable the support for Policy dip, for registered users out-of-dialog messages, to decide on interception, by executing the command

% set addressContext default intercept callDataChannel CDC liPolDipForRegdOodMsg enabled

The liPolDipForRegdOodMsg  parameter is visible, when interceptStandard and vendorId is configured as IMS LI.

Back to Top

Viewing IMS LI Configuration

Enter the show commands to view the configurations.

View the Intercept Details

View the intercept details, by executing the command:

 > show status addressContext default intercept interceptCallDataChannelStatistics default
primaryChannelStatus    outOfService;
secondaryChannelStatus  outOfService;
StartSuccess            0;
StartFailures           0;
StopSuccess             0;
StopFailures            0;
CallAnswerSuccess       0;
CallAnswerFailures      0;
CallDisconnectSuccess   0;
CallDisconnectFailures  0;
ServiceInstanceSuccess  0;
ServiceInstanceFailures 0;
IndicationSuccess       0;
IndicationFailures      0;
KeepAliveSuccess        0;
KeepAliveFailures       0;
RestartSuccess          0;
RestartFailures         0;
RadiusAckReceived       0;
StartResponsesReceived  0;
[ok]

View the CDC Configuration

View the CDC configuration, by executing the command:

 % show addressContext default intercept callDataChannel CDC
interceptStandard    etsi;
vendorId             verint;
ipInterfaceGroupName LIG1;
mediationServer MS1 {
    media {
        tcp {
            ipAddress  10.54.78.20;
            portNumber 65120;
            mode       inService;
            state      enabled;
        }
    }
}
[ok]

Back to Top

  • No labels