OTT VoIP

VoIP – Introduction

Voice traffic has been the main telecom service in OTT VOIP since the inception of mobile telephony. It is still relevant and is increasing as well in this day and age of mobile data and IP-based technology.

VoIP Calls can be captured by a Lawful Interception at an ISP and distributed to authorized Lawful Interception. VoIP Interception is a term used to describe when a provider delivers audio over an IP network (such as the internet), by passing the traditional operator’s network completely.

VoIP providers are a growing factor within telecommunications networks, with advances in technology such as smartphones, high-speed IP networks, and open-source platforms all fueling the increase in adoption rates.

VoIP – Lawful Interception

Lawful Interception of VoIP is a complex process with challenges like :

  • Many parties are typically involved in transporting data over the Internet.
  • Target source & destination identities of the information flow are embedded within the overall flow of data.
  • Target & Non-target data are tightly intermingled in the bit flows at numerous points throughout the Internet.
  • The separation of applications and relevant data from the overall data stream.
  • Lack of standards implementations.
  • There are limited network elements which can provide IRI and CC of the target.

Overcoming the above challenges and complying 100% to international standards PertSol offers non- intrusive passive interception approaches for the interception of VoIP calls. Supporting real time fanout of voice calls for LEA’s over SIP or E1.

Our Solution support various type of interception traffic for OTT platforms used IMS domain (IP Multimedia Subsystem):

  • Voice calls (VoIP)
  • Video calls
  • Video conferencing
  • Call forwarding or multi-participant calls
  • SMS
  • Data Flow

The PertSol’s iNtercepter solution support both Mass and Target centric interception of the traffic depending upon the MNO’s network and requirement:

  •  Interception via SBC
  • Interception via Edge routers
Passive Interception

In Passive Interception, PertSol uses its iNteliProbe which functions as an LI Access Point and investigates the tapped traffic data.

PertSol’s iNteliProbe is the state of the art passive probes providing interception support for vast range of protocols, network type, filtering capabilities, metadata analysis etc.

Advance Features:

  • Support for 100Gbps duplex traffic in single probe.
  • Support L2 to L7 network traffic filtering and Analysis.
  • Deep packet inspection (DPI) for traffic to provide InSite info like Apps detail, URL categorization etc.
  • Support more than 10,000 concurrent VoIP calls.
  • Automated re-provisioning for detecting network changes.
  • Stealthily intercept the traffic without revealing its identity.

It requires passive taps at appropriate point like SBC or Edge routers to mirror the complete traffic. LIM Generic functional architectural solution flow for interception:

Enabling cities worldwide to access lifesaving location technology

Situation Analysis
Building solutions for a better quality of life.
Pert Telecom Solutions (PertSol) creates best-in-class custom software applications and offers professional project management services. With offices in Mumbai and Gurugram, India, PertSol focuses on innovation for telecoms and government agencies.
PertSol’s expertise lies in Telecom Core Network (TCN), Telecom Compliance Management (TCM) and Internet of Things (IoT) solutions. In TCN and TCM services, PertSol’s technology helps telecom service providers effectively and efficiently run their networks while ensuring compliance with regulatory requirements. Increasingly, PertSol is using this expertise to design locationbased services (LBS) for telecom companies to integrate into their offerings.
Making the world more secure.
PertSol began developing LBS solutions, believing they could make the world a safer place in the face of rapid urbanization. LBS solutions can help with emergency call tracking, effective fleet management, location-based advertising and other locationbased, value-added services.
Fulfilling the need for a global partner.
Given the number of “smart cities” projects worldwide that are helping improve urban living, PertSol’s goal was to launch its LBS solution, called iLocator, quickly. The one major hurdle to overcome was the need for an original equipment manufacturer (OEM) partner with global services and an open-architecture approach to help launch iLocator. Moreover, the PertSol team wanted the peace of mind that while it focused on developing solutions, its OEM partner would be committed to designing an in-market solution that would differentiate iLocator, increasing its potential for success.
Design Partnership
Partnering with Dell Technologies OEM Solutions.
Working together, OEM Solutions assisted PertSol in designing and implementing the iLocator platform, which includes Dell EMC PowerEdge servers, PowerScale storage, networking solutions and OptiPlex desktops. “From the start, Dell Technologies OEM Solutions was committed to the success of PertSol’s iLocator,” says Gurjot S Sandhu, director and chief business officer at PertSol.
Making LBS intelligent across the world with OEM Solutions.
  • Ensuring class-leading solution performance to help differentiate iLocator from competing solutions.
  • Sharing engineering expertise with the PertSol team to maximize the efficiency of development processes.
  • Assisting PertSol in launching iLocator globally.
  • Helping PertSol’s customers deploy iLocater faster, saving 7-9 months on average.
“Dell Technologies OEM Solutions’ technical support was critical during deployment, and together we ensured iLocator was tested and validated to meet the high standards of telecom companies and government agencies worldwide.”
The partnership between Dell Technologies OEM Solutions and PertSol created a new in-market iLocator design for the platform’s global audience. Support from OEM Solutions included the following:
Gurjot S Sandhu
Director and Chief Business Officer
Pert Telecom Solutions
Outcome
Ensuring cities are safer.
Bharat Sanchar Nigam Limited (BSNL), which owns one of the largest telecom networks in India, is deploying iLocator to support location-based services for all of its mobile networks. iLocator will help BSNL pinpoint the locations of its mobile subscribers across India and will be able to share it with Law Enforcement Agencies for national security, Emergency Services for sending rescue/relief teams and other location-based applications for the commercial use of location services.
Expanding to increase safety in growing populations.
PertSol is now leveraging OEM Solution’s global program management to expand iLocator into Africa and South America. Comments Sandhu, “Multiple engagements are under way for iLocator as telecom companies use LBS to deliver social good among growing populations and pinpoint callers’ positions, which can mean the difference between life and death.”

IPDR Management

NEED FOR IPDR SYSTEM
Introduction

With a tremendous surge in mobile data usage & shift in the telecom industry from voice to data, all service providers are moving towards an IP network that delivers voice, data, video & mobile applications. Therefore, to safeguard the public from threats like cyber-crime, cyberbullying, cyber terrorism etc. & to help LEAs with their investigations, Regulatory Authorities across the globe have recommended TSPs/ISPs to gather metadata information of their users which may help LEAs with their investigations & Intelligence generation.
In addition, this info can also help enterprises for building future growth strategies including trading,
buying, and selling data to gain insights and drive profits. MetaData generated is being used to create
predictive models, automated processes, and predictive analytics for the subscriber database.

Tracing IP addresses to subscriber devices and their actual users can be very detrimental in investigating
and fighting modern-day crimes. In the current scenario, with everyone leaving a digital footprint finding the
source IP address, TCP port number, date, and time of session can lead to criminals.

Therefore, service providers need an IPDR System /IP Log Management System in their network which shall support Government Agencies by gathering and managing IPDR (Internet Protocol Detail Record) logs of the subscribers and help provide the data which can become the building block of LEAs’ investigations
& intelligence generation.

iSecureHL

IPDR Management Platform

PertSol iSecureHL is a fully automated IPDR management system that offers consistent and high-quality IP Logs across the operator’s network domains. It is a web-based system that fetches data from various sources like Internet Traffic, GTP traffic, CGNAT Logs, AAA traffic, etc., and stores them in the form of IPDR. It helps telecom CSPs and LEAs in protecting the public against Cybercrime by providing IPDRs.
iSecureHL in combination with PertSol iNteliProbe deliver the most comprehensive monitoring solutions.
It can simultaneously monitor Internet Traffic for the control plane and User plane. Packets can be captured
via interface cards that support 10G, 40G, 100G interfaces. It is also capable of decoding captured traffic
from layer 2 to layer 7.

TYPICAL DEPLOYMENT ARCHITECTURE
KEY FEATURES

Solution With Excellent Capabilities

ipdr-key-features-5
Download

VoLTE Lawful Interception

VoLTE – Introduction

VoLTE Lawful Interception has been the main telecom service since the inception of mobile telephony. It is still relevant and is increasing as well in this day and age of mobile data and IP-based telecom technology. In Evolved Packet System (EPS), which is completely IP-based technology, delivering voice service can only be realized using either Circuit-Switched Fallback (CSFB) or Voice over LTE (VoLTE).
While CSFB offers voice services to LTE interception users without utilizing IMS by temporarily moving the user from the LTE network to a legacy network i.e. 2G/3G system which can then serve voice calls over a circuit-switched network. Whereas VoLTE is a digital packet voice service that is delivered over IP via an LTE access network utilizing IMS (IP Multimedia Subsystem) technology.

VoLTE: Lawful Interception

Lawful Interception of VoLTE is a complex process as a VoLTE call invokes two systems, i.e. EPC and IMS. Moreover, there are multiple network elements in these two systems that can provide IRI and CC of the target. PertSol offers two different approaches for the interception of VoLTE calls depending upon the MNO’s network and requirements:

i. By Interception of EPC nodes
ii. By Interception of both EPC and IMS nodes

Lawful Interception through EPC Nodes

MNO’s which already has an existing LI solution for its IMS system can use this approach. In this approach, PertSol will provide its LI solution (iNterceptor) which will intercept the EPC traffic (including VoLTE) by integrating with the EPC nodes (Intercept Access Points) like MME, SGW and PGW. It also facilitates the VoLTE interception for inbound roamers using S8HR interception as explained in below section. 

Lawful Interception through EPC & IMS Nodes

PertSol iNterceptor can also be implemented as a combined LI solution for both IMS and LTE network of an MNO. This approach will involve integration with IMS IAPs in addition with the EPC IAPs explained in the first approach.

The IMS access points that will be integrated for VoLTE interception are CSCF, BGF, TAS and MGW.

Lawful Interception: VoLTE Roaming Scenario

VoLTE roaming can be carried out using two ways, as defined in 3GPP specifications:

i. Local Breakout (LBO): Local Breakout mechanism requires the visited network to have an IMS system in its network. In LBO the roaming user is connected to the PDN-GW of the visited network and all the traffic is transported via visited network’s PDN-GW, without using the PDN-GW of home network.

ii. S8 Home Routing (S8HR): S8HR makes use of the home network PDN-GW and does not require the visited network to have an IMS system. The roaming user traffic is to the PDN-GW of home network, via S-GW of visited network, which then forwards it to the IMS network for completing the call.

S8 Home Routing (S8HR) is the preferred VoLTE roaming architecture of most of the mobile network operators as it does not dependent on the IMS system of the visited network. PertSol offers two ways of intercepting VoLTE calls for inbound roamer in S8HR roaming scenario:

i. Active Interception – By using BBIFF functionality of SGW

ii. Passive Interception – By intercepting S8 interface

S8HR Active Interception

PertSol iNterceptor is capable of intercepting the VoLTE calls of inbound roamer by providing LI Mirror IMS State Function (LMISF). For active interception of VoLTE calls, the SGW shall support BBIFF functionality (Bearer Binding Intercept and Forward Function). This approach is as per 3GPP TS 33.107 specifications and the recommendations of GSMA PRD IR.65. It requires implementation of proprietary interfaces Xia / Xib. Moreover this approach can also be extended to 5G with minor changes.

S8HR Active Interception
S8HR Passive Interception

In S8HR Passive Lawful Interception, PertSol uses its iNteliProbe which functions as an LI Access Point and investigates the traffic data tapped from the S8 interface between S-GW of the visited network and PDN-GW of the home network. It requires passive taps at the appropriate point in the VPLMN to duplicate the complete S8 traffic. This approach can also be used for 5G (N9 interface) or 5G Interception.

S8HR Passive Interaction
iNterceptor Benefits

ILD Interception

ILD- Interception
Need of LI for IPLC

ILD Interception is a complete solution that is capable of handling both circuit switch and packet switch traffic from both legacies as well as the latest telecom technologies. Telecom Regulators mandate every service provider to implement a Lawful Interception System to facilitate the interception of all kinds of interfaces over which Leased Line services are provided by the operator based on the criteria defined by Law Enforcement Agencies. Also, as per the License granted to the IPLC provider, it is mandatory for the operator to fulfill the following Lawful Interception: 

The Licensee shall take IPLC from the licensed ILDOs. The interception and monitoring of Resellers circuits shall take place at the Gateway of the ILDO from whom the IPLC has been taken by the Licensee. 

The provisioning for Lawful Interception & Monitoring of the Resellers’ IPLC shall be done by the ILD Operator and the concerned ILDO shall be responsible for Lawful Interception and Monitoring of the traffic passing through the IPLC. The Resellers shall extend all cooperation in respect of interception and monitoring of its IPLC and shall be responsible for the interception results. The Licensee shall be responsible to interact, correspond and liaise with the licensor and security agencies with regard to the security monitoring of the traffic.  

The Licensee shall, before providing an IPLC to the customer, get the details of services/equipment to be connected on both ends of IPLC, including type of terminals, data rate, actual use of circuit, protocols/interface to be used etc. The Resellers shall permit only such type of service/protocol on the IPLC for which the concerned ILDO has capability of interception and monitoring.

Without prejudice to the liability of ILDO, the Licensee shall pass on any direct request placed by security agencies on him for interception of the traffic on their IPLC to the concerned ILDOs within two hours for necessary actions.  

The Licensee shall ensure that necessary provision (hardware/ software) is available in their equipment for doing the Lawful interception and monitoring from a centralized location. 

The Licensee shall provide at its own cost technical facilities for accessing any port of the switching equipment at the HUB for interception of the messages by the designated authorities at a location to be determined by the Licensor.  

iNterceptor: Lawful Interception of IPLC Network

PertSol iNterceptor is a unified Lawful Interception System for network operators and service providers which is fully compliant with international standards and has a proven track record. It is a complete solution that is capable of handling both circuit switch and packet switch traffic from both legacies as well as the latest telecom technologies including PSTN, 2G, 3 G, 4G, 5G, NGN, IMS, IPLC, and others.

The core purpose of iNterceptor is to intercept the traffic and convert intercepted traffic into a format suitable for delivery to National Authorities or Law Enforcement Agencies, over a secure network. It can also retain the intercepted traffic for future use by the LEAs.

PertSol iNterceptor platform along with iNteliProbes intercepts the IPLC traffic using the probes that capture the data and intercept the required information and transmit it towards the LEA through LI Mediator & Management platform situated at the central monitoring location. The mediator server carries out the reconstruction of entire TCP traffic for various protocols including HTTP, Telnet, FTP, POP3, SMTP, NNTP, and many other unencrypted protocols. SSL decoding is also supported wherein private keys are available. iNterceptor solution is designed to change and adapts as per the latest network upgradation and technologies. It protects investments through its modular setup, accommodating network expansion as well as network changes. It can also integrate with existing Lawful Interception Solution incorporating it into a centrally managed unified solution.
Supported Standards & Regulations:
Supported Standards & Regulations'
IPLC - LIMS Architecture
iplc-ims-architecture
Interception Criteria

iNterceptor is capable of intercepting content using the criteria below:

  • MAC Address
  • ATM Address/X25Address (If in network)
  • L2VPNIdentifier
  • Source IP (IPv4, IPv6)
  • Destination IP (IPv4, IPv6)
  • VOIP Identifier
  • Subnet IP Address
  • LL Circuit Number
  • LL Channel Number
  • L3 VPN Identifier
  • TCP Port number & range
  • UDP Port number & range
  • SCTP range
  • Radius, AAA and DHCP username
  • Chat Nickname – For unencrypted traffic if available
  • Email Address (SMTP, POP3, IMAP4)
  • Web mail (To, From, CC)
  • URL Address
  • IM-ID
  • IM Group
  • Keyword (case Insensitive)
  • User Group (i.e. Yahoo user group)
  • Phone number (including VOIP)
  • SIP (URI/Phone/Email)
  • Leased Line (Circuit/Channel Number)
  • MPLS Tag (RD/RT+IP address)
  • STM Link ID
  • Customer Location
  • STM Channel Number

iNterceptor can intercept content using any combination of the above-mentioned criteria which includes boolean condition (AND, OR, NOT etc.). It is also possible to group targets on the basis of the following rules:

Packets originating from or destined to an IP - Sub-network
Packets between two specific IP–Sub-network
Packets originating from a specific IP address (client or server) and port-range
Packets destined to a specific IP address (client or server) and port-range
Supported Traffic for Interception

Our solution discovers and collects data based on IPv4 or Ipv6 internet access. IP access can be static IPv4/IPv6 addresses or subnets, DHCP assigned via MAC address or RADIUS login.

  • ITU-T H.323, H.248, G.711, G.722.2, G.723.1, G.726, G.728, G.729AB
  • SIP + RTP,
  • SIP + SRTP,
  • SIP over TLS + RTP
  • SIP over TLS and SRTP
  • RTP header Compression systems with and without extensions
  • Packetized GSM and Data Traffic over TDM and IP
  • De-multiplexing of voice sent over IP with and without RTP header
  • De-multiplexing of Bundling of Multiplexed IP traffic which contains TCP, UDP, SCTP etc, traffic over fixed ports

Our solution can discover and collect data based on target’s email activity. It supports email based on SMTP, POP3 and IMAP4. The monitored traffic can be all emails or can be specified as target email id like abc@domainname, local name (at any domain), @domainname (any local name on this domain). Targets can be specified as receiver of emails (including CC & BCC) or sender of email or both. Our system collects the email session, the full email and its attachments.

Our solution can also monitor and collect data from webmail. The webmail session is captured and decoded with the information extracted and delivered in RFC822 format (email text, folders, drafts) and byte stream with metadata (attachments).

Some of the supported email protocols are SMTP, POP3, IMAP4, Windows Live Email, QQ mail, Lotus Notes, Thunderbird mail system and other commonly used systems.

Our solution is capable of collecting data for all IM/Chat activity. Options for delivered traffic includes key IM/Chat events, or the full IM/Chat session, including (when possible) advanced features such as audio, video, and file sharing, formatted using RFC 3920/3921 XMPP for IM/Chat text and presence information, video files, summary information, and events.

Our solution can detect and collect based on DNS domain lookups and HTTP/HTTPS traffic based on URL, HTTP header and SSL handshakes. Traffic can be discovered and collected for all web activity or can be specified with targeting information including the client, a website or a specific type of traffic.

Our solution can detect and collect data based on file transfer activity such as FTP, BitTorrent, Gnutella, SMB V1/V2 and others.

Supports fax over IP that use ITU-T T.37, T.38

Our solution can detect and collect encrypted information such as certificates, Public Key, Encryption, Authentication and integrity algorithms, Server Key and Session key information. Some of the encrypted algorithms supported by our system are DES, 3DES, AES-128, AES-256. It also supports SIP over SSL, POP3 over SSL, HTTPS, OpenSSL, Openswan and other encrypted traffic provided their keys are available.

iNterceptor Benefits
  • High Performance Mediation: iNterceptor is capable of handling network with very high throughput requirements. It can handle multiple 100 Gbps links and is capable of selecting required traffic from these links.

  • Integrity Check Mechanism: The integrity check mechanism periodically checks the network elements and if required correct the erroneous states. It will query the network element for the placed intercepts and add missing intercepts, remove invalid intercepts, etc. This mechanism is used to detect and correct both network flaws as well as tampering with the interception solution. In case of correction of an erroneous state, this will be notified to the operator.

  • Extensive Interface Adapters: iNterceptor has a vast range of Input/Output adapters which makes it compatible with all the available access technologies and network equipment of all the major equipment providers.

    By allowing multiple Input and Output Adapters to be combined in one system, iNterceptor can be configured to support any situation, even mixing circuit switched and packet switched technologies in the same system. If required, customerspecific Input or Output adapters can be developed. Because of the true modularity of the iNterceptor, these specifically developed adapters can generally be offered at the same price as a standard license.

    Due to its design philosophy, iNterceptor can support hybrid networks with equipment from different vendors on same server. When networks grow or change, iNterceptor can easily be extended to cater for the growth in traffic volumes or new types of network elements.

  • Compliance: Unified solution for all interception requirements of a service provider which is compliant to international standards like 3GPP, ETSI, ATSI, ANSI, CALEA and others. It also complies with local LI regulations of many countries across the world.

  • Proven Field Record: PertSol’s LI is a proven and mature solution that continues to benefit from functional enhancement and feature evolution. It has been deployed in varied networks, enabling TSPs / Law Enforcement Agencies to benefit.

Hosted GMLC Provider

An Approach to improve location identification success ratio of PSAP/Emergency service callers

Presently, the PertSol iLocator GMLC Provider sends a request to the TSP’s LBS platform for the caller’s location. The location coordinates availability depends on TSP’s LBS platform. The caller’s location can be fetched only if, the TSP has the information generated at its LBS platform. Getting LBS issues resolved at TSP end has been a major challenge in the past months. TSPs compliance is not meeting DOT guidelines in which the failure rate of non-getting lat-longs is more.

A solution to this is “PertSol’s Hosted GMLC or iGMLC ” which generates the location of the distressed caller by querying the TSP’s network and locating the caller. GMLC in telecom stands for Gateway Mobile Location Centre. It enables offering Location Based Services(LBS) to mobile subscribers roaming across several Mobile Network Operator’s Radio Access Networks, regardless of the type of access (GERAN, UTRAN or E-UTRAN). It is an independent service that is integrated with the TSPs network over a secured communication channel. A GMLC can query the TSP network to generate the location of the distressed caller.
iGMLC or hosted GMLC would be an evolved version of present LBS solution

PertSol shall adopt a novel method for location retrieval as per the TSPs network type and architecture. iGMLC can be installed at TSPs premises or at Dial 112 / 100 Data centre, whichever is suitable to the TSP/ Department. We have implemented a similar solution for BSNL North zone.

Current Limitations: Non-Compliance of DoT Guidelines

The emergency services are long-suffering due to TSP issues. TSPs’ are not able to meet the LBS standards as per DOT guidelines in which the failure rate of getting lat-longs is much more than the guidelines. This non-compliance is gravely impacting the emergency services where a timely response is imperative to ensure that help reaches the distressed caller in time. Moreover, the penalties for non-compliance are being imposed on the vendors who are availing TSPs services.

For the past several months, PertSol has been continuously working with TSP teams to improve and maintain better LBS performance. But in spite of our rigorous follow up there is a continuous drop in Performance. In PertSol endeavor to help TSPs improve their LBS performance, it has observed many issues which were regularly shared with their technical team as well for resolution. However, there is still a very big gap between the level of services being offered and the service level expected by the Emergency Services.

Some of the common error that PertSol observed are highlighted below:

Request failed since service subscription is in pending state TimeOut Error MSISDN not subscribed to service Cell Id Error

Position method failure System failure.

Network Failure Subscriber switch off/Not latched

TSP’s Average Performance Month Wise
*PertSol hosted GMLC is integrated with BSNL network for PSAP/Emergency services location identification.
PertSol Hosted GMLC Approach

PertSol’s Hosted GMLC approach will help TSPs’ achieve the desired LBS results as per DoT mandate. PertSol will deploy its iGMLC either at PSAP’s premise or at TSP’s premise and will identify location of the distress caller. It will ensure that TSP’s fulfil the compliance by providing location intelligence as per the standards defined by the regulators.

Some of the key highlights of the proposed iLocator PertSol’s GMLC platform are:

‣ This solution would be able to achieve a higher success rate of 95% to 100%, serving maximum distressed citizens in the state.

‣ There would be no dependencies on TSPs for error resolution or follow-ups to find LBS error resolutions. We shall be handling the issues by ourselves with minimum dependency on the TSPs.

‣ With SDR (Subscriber Data Record) made available online it would be a perfect combination to build a foundation of a robust PSAP system at emergency locations.

Benefits of TSP's