iSecureHL – IP Log Management

iSecureHL-IP Log Management

PertSol’s IP Log Management is a fully automated solution that offers consistent and high-quality IP Logs across the operator’s network domains. With a tremendous surge in mobile data usage and a shift in the telecom industry from voice to data, all service providers are moving towards an all-IP network that delivers voice, data, video, and mobile applications.

Therefore to safeguard the public from threats like cyber-crime, cyberbullying, cyber terrorism, etc., and to help LEAs with their investigations, Regulatory Authorities across the globe have recommended TSPs/ISPs gather traffic information of their users which may help LEAs with their investigations if needed.

Tracing IP addresses to their devices and their actual users can be very detrimental in investigating and fighting modern-day crimes. In the current scenario, with everyone leaving a digital footprint finding the source IP address, TCP port number, date, and time of session can lead to criminals.

Therefore, service providers need an IP Log Management system in their network which complied with Government Norms by gathering and managing the online logs of the subscribers as per Govt. Regulation and help provide the data which can become the building block of LEAs’ investigations.

iSecureHL - Introduction

PertSol iSecureHL is a fully automated solution that  offers consistent and high-quality IP Logs across operator’s network domains. It is a web-based system which fetches data from various sources like Internet Traffic, GTP traffic, CGNAT Logs, AAA traffic etc. and stores them in the form of IPDR Management.It helps telecom CSPs and LEAs in protecting the public against cybercrimes by providing IPDRs.

iSecureHL in combination with PertSol iNteliProbe deliver the most comprehensive monitoring solutions. It can simultaneously monitor Internet Traffic for control plane and User plane. Packets can be captured via interface cards that support 10G, 40G, 100G interface. It is also capable of decoding captured traffic from layer 2 to layer 7.

‣ Generating and storing all IPDRs into a single platform and meet the Regulator’s requirements.

‣ Capturing details of destination IP address as per Regulator’s requirement.

‣ Building IPDRs through correlation of NetFlow data along with IP Data Records generated through packet data capture probe.

‣ Correlating IPDRs with NAT records, to provide complete mapping of Source IP Addresses with translated IP Addresses.

‣ Extracting IPDRs based on key parameters like MSISDN, IMSI, IMEI, Source IP Address and Destination IP Address.

‣ Probing and Decoding Layer 2 to Layer 7 Traffic.

Modular Architecture

PertSol iSecureHL is an integrated automated tool for data collection, correlation and data management. Each of its functions are performed separately by the following modules:

Data Management (DM)

On presentation layer generated event and alarm are tracked and reports & dashboard are generated

   ‣ Tracking & Monitoring UI

        ‣ Dashboard & Report

   ‣ Disclosure Management

        ‣ Interface & Integration

Data Retention (DR)

Automate the storage of collected Data with retention policies to make it available online or offline as per need and event co-relation.

   ‣ Data Identification

        ‣ Data Retention Policy

   ‣ Data Encryption & Decryption

Event Correlation (EC)

EC module aggregates data from the DC Module and
correlates events & data from different sources
to form IPDRs to generates alarm.

   ‣ Event Correlation

        ‣ Alarm Generation

Data Collection (DC)

Automate the data collection & normalization, tapped
through either optical probe or log files of switch or applications
across distributed architecture of hosts and systems.

   ‣ Data Interface

        ‣ Data Loading

   ‣ Data Normalization & Transformation

iSecureHL – Key Features

Advance Search Query – It provides for search based on MSISDN, IMEI, IMSI, Cell IDs (all that are used in session),  Translated IP, Translated Port, Destination IP, Destination Port, Date and time. Multiple inputs are allowed for each of  the parameter wherein we support query of multiple MSISDN/IMSI/IMEI, Source IP, Cell-ID, Destination IP, Source Port, Destination Port by entering comma separated values.

Remote Query Access for LEAs – It has a centralized management system using which all Law enforcement Agencies (LEAs) can query the IPDRs for their investigation. The Lawful Enforcement Agency (Government Agent) can perform Secured. LEAs can run an IPDR query using any of the following methods:

‣ E-Warrant XML based Interface                                                     ‣ API Integration                                                                                    ‣ iSecureHL GUI

‣ CLI                                                                                                       ‣ SMS                                                                                                      ‣ Email

Interoperability and Interfacing – iSecureHL can support interoperability with network elements of all the leading  Network Element Providers of the world, to process their CDR records. It supports all the interfaces required by  operators for the interoperability of IPDR system with the various third party systems.

Data Compression – iSecureHL compresses IPDR by a factor of 20 before storing them for long term retrieval. It uses  multiple level of compressions like Field level de-duplication, Pattern level de-duplication Algorithmic compression and Byte level compression.

File System – iSecureHL has an intelligent file system that enables enhanced features for processed file to protect highly sensitive data and supports optimum storage capacity.

Security – All internal workflows are protected by a number of state-of the-art security measures to assure compliance to privacy laws by means of access control, encryption, integrity checks, and full audit trails. All system data, i.e., CDRs, subscriber data, configuration data, log files, warrants and request details, are kept in encrypted databases. Detailed logging of all user and system events prevent misuse and enable security audits.

IPDR Fields

iSecureHL is capable of delivering IPDRs with all the fields that are asked by the regulators across the world. It provides more around 38 IPDR fields and does not depend upon any third party data sets to generate IPDRs. Some of the IP fields that it delivers are:

S.No.IPDR FieldNetwork Element
1Mobile Subscriber Integrated Digital Network Number (MSISDN)PGW/GGSN
2International Mobile Subscriber Identity (IMSI)PGW/GGSN
3International Mobile Equipment Identity (IMEI/ESN)PGW/GGSN
5Mobile Country Code (MCC)PGW/GGSN
6Mobile Network Code (MNC)PGW/GGSN
7Location Area Code (LAC)PGW/GGSN
9eUTRAN Cell Global Identity (eCGI)PGW/GGSN