OTT VoIP

VoIP – Introduction

Voice traffic has been the main telecom service in OTT VOIP since the inception of mobile telephony. It is still relevant and is increasing as well in this day and age of mobile data and IP-based technology.

VoIP Calls can be captured by a lawful interception system at an ISP and distributed to authorized Lawful Interception. VoIP Interception is a term used to describe when a provider delivers audio over an IP network (such as the internet), by passing the traditional operator’s network completely.

VoIP providers are a growing factor within telecommunications networks, with advances in technology such as smartphones, high-speed IP networks, and open-source platforms all fueling the increase in adoption rates.

VoIP – Lawful Interception

Lawful Interception of VoIP is a complex process with challenges like :

  • Many parties are typically involved in transporting data over the Internet.
  • Target source & destination identities of the information flow are embedded within the overall flow of data.
  • Target & Non-target data are tightly intermingled in the bit flows at numerous points throughout the Internet.
  • The separation of applications and relevant data from the overall data stream.
  • Lack of standards implementations.
  • There are limited network elements which can provide IRI and CC of the target.

Overcoming the above challenges and complying 100% to international standards PertSol offers non- intrusive passive interception approaches for the interception of VoIP calls. Supporting real time fanout of voice calls for LEA’s over SIP or E1.

Our Solution support various type of interception traffic for OTT platforms used IMS domain (IP Multimedia Subsystem):

  • Voice calls (VoIP)
  • Video calls
  • Video conferencing
  • Call forwarding or multi-participant calls
  • SMS
  • Data Flow

The PertSol’s iNtercepter solution support both Mass and Target centric interception of the traffic depending upon the MNO’s network and requirement:

  •  Interception via SBC
  • Interception via Edge routers
Passive Interception

In Passive Interception, PertSol uses its iNteliProbe which functions as an LI Access Point and investigates the tapped traffic data.

PertSol’s iNteliProbe is the state of the art passive probes providing interception support for vast range of protocols, network type, filtering capabilities, metadata analysis etc.

Advance Features:

  • Support for 100Gbps duplex traffic in single probe.
  • Support L2 to L7 network traffic filtering and Analysis.
  • Deep packet inspection (DPI) for traffic to provide InSite info like Apps detail, URL categorization etc.
  • Support more than 10,000 concurrent VoIP calls.
  • Automated re-provisioning for detecting network changes.
  • Stealthily intercept the traffic without revealing its identity.

It requires passive taps at appropriate point like SBC or Edge routers to mirror the complete traffic. LIM Generic functional architectural solution flow for interception:

VoLTE Lawful Interception

VoLTE – Introduction

VoLTE Lawful Interception has been the main telecom service since the inception of mobile telephony. It is still relevant and is increasing as well in this day and age of mobile data and IP-based telecom technology. In Evolved Packet System (EPS), which is completely IP-based technology, delivering voice service can only be realized using either Circuit-Switched Fallback (CSFB) or Voice over LTE (VoLTE).
While CSFB offers voice services to LTE interception users without utilizing IMS by temporarily moving the user from the LTE network to a legacy network i.e. 2G/3G system which can then serve voice calls over a circuit-switched network. Whereas VoLTE is a digital packet voice service that is delivered over IP via an LTE access network utilizing IMS (IP Multimedia Subsystem) technology.

 

VoLTE: Lawful Interception

Lawful Interception of VoLTE is a complex process as a VoLTE call invokes two systems, i.e. EPC and IMS. Moreover, there are multiple network elements in these two systems that can provide IRI and CC of the target. PertSol offers two different approaches for the interception of VoLTE calls depending upon the MNO’s network and requirements:

i. By Interception of EPC nodes
ii. By Interception of both EPC and IMS nodes

Lawful Interception through EPC Nodes

MNO’s which already has an existing LI solution for its IMS system can use this approach. In this approach, PertSol will provide its LI solution (iNterceptor) which will intercept the EPC traffic (including VoLTE) by integrating with the EPC nodes (Intercept Access Points) like MME, SGW and PGW. It also facilitates the VoLTE interception for inbound roamers using S8HR interception as explained in below section. 

Lawful Interception through EPC & IMS Nodes

PertSol iNterceptor can also be implemented as a combined LI solution for both IMS and LTE network of an MNO. This approach will involve integration with IMS IAPs in addition with the EPC IAPs explained in the first approach.

The IMS access points that will be integrated for VoLTE interception are CSCF, BGF, TAS and MGW.

Lawful Interception: VoLTE Roaming Scenario

VoLTE roaming can be carried out using two ways, as defined in 3GPP specifications:

i. Local Breakout (LBO): Local Breakout mechanism requires the visited network to have an IMS system in its network. In LBO the roaming user is connected to the PDN-GW of the visited network and all the traffic is transported via visited network’s PDN-GW, without using the PDN-GW of home network.

ii. S8 Home Routing (S8HR): S8HR makes use of the home network PDN-GW and does not require the visited network to have an IMS system. The roaming user traffic is to the PDN-GW of home network, via S-GW of visited network, which then forwards it to the IMS network for completing the call.

S8 Home Routing (S8HR) is the preferred VoLTE roaming architecture of most of the mobile network operators as it does not dependent on the IMS system of the visited network. PertSol offers two ways of intercepting VoLTE calls for inbound roamer in S8HR roaming scenario:

i. Active Interception – By using BBIFF functionality of SGW

ii. Passive Interception – By intercepting S8 interface

S8HR Active Interception

PertSol iNterceptor is capable of intercepting the VoLTE calls of inbound roamer by providing LI Mirror IMS State Function (LMISF). For active interception of VoLTE calls, the SGW shall support BBIFF functionality (Bearer Binding Intercept and Forward Function). This approach is as per 3GPP TS 33.107 specifications and the recommendations of GSMA PRD IR.65. It requires implementation of proprietary interfaces Xia / Xib. Moreover this approach can also be extended to 5G with minor changes.

S8HR Active Interception
S8HR Passive Interception

In S8HR Passive Lawful Interception, PertSol uses its iNteliProbe which functions as an LI Access Point and investigates the traffic data tapped from the S8 interface between S-GW of the visited network and PDN-GW of the home network. It requires passive taps at the appropriate point in the VPLMN to duplicate the complete S8 traffic. This approach can also be used for 5G (N9 interface) or 5G Interception.

S8HR Passive Interaction
iNterceptor Benefits