[prev in list] [next in list] [prev in thread] [next in thread]
List: voipsec
Subject: Re: [VOIPSEC] mid-span decrypt
From: "Jim Donovan" <jdonovan () covergence ! com>
Date: 2006-05-10 11:54:37
Message-ID: 0D1719326D64BD4E9F92A0C120237678CEF55A () eserv ! covergence ! com
[Download RAW message or body]
Hi Bill -
The media (voip, video, IM chat, etc.) recording functions of the
Covergence appliance are typically only activated based on demand (using
policy or dial prefix). For example, if the network operator received a
court order to target a particular individual, a policy could be
activated that would target only that individual. The policy
mechanism is also granular enough to only record calls that (for
example) are between a U.S. subscriber and PSTN or VOIP subscriber
outside of the U.S.
You are correct in your assumption that the appliance must be part of
the call setup for this feature to be used. Given that the product is
typically used to provide SIP firewall, encryption, and other session
control features at the edge of carrier and enterprise networks, the
appliance is already in the call setup path for other purposes besides
call recording. For example, a typical application of the product
would be to provide TLS and SRTP encryption over the untrusted public
network and then remove this encryption once the call enters the trusted
private network. If you would like more info, please drop me a note.
Thanks,
Jim
jdonovan at covergence.com
------------------------------
Message: 4
Date: Tue, 09 May 2006 17:32:12 -0400
From: Bill Flanagan <flanagan@flanagan-consulting.com>
Subject: [VOIPSEC] mid-span decrypt
To: Voipsec@voipsa.org
Message-ID: <44610A5C.4010305@flanagan-consulting.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Jim,
Is you appliance intended to carry every conversation of an ISP? or
just when presented with a court order?
Am I correct in inferring that the appliance must be part of the call
setup to capture the key(s) by acting as man in the middle?
Bill
>
>------------------------------
>
>Message: 4
>Date: Mon, 8 May 2006 06:23:21 -0400
>From: "Jim Donovan" <jdonovan@covergence.com>
>Subject: Re: [VOIPSEC] CALEA Enforcement
>To: <Voipsec@voipsa.org>
>Message-ID:
> <0D1719326D64BD4E9F92A0C120237678CEF104@eserv.covergence.com>
>Content-Type: text/plain; charset="us-ascii"
>
>Hi Sachin -
>
>The CALEA requirements you mention in your note are one of the reasons
>why Covergence has developed mid-stream encryption / decryption
>capabilities as well as extensive call recording capabilities. The
>mid-stream encryption / decryption capabilities allow you to run SIP
>TLS and/or SRTP in your network and our appliance will remove the
>encryption, capture the bidirectional RTP packets, and if necessary,
>re-encrypt for transmission to the next hop in the network. Our
>appliance has dedicated hardware to ensure that the integrity of the
>media is not impaired as a result of this process. The captured RTP
>streams are then coupled with an accounting record. This information
>can be stored on our appliance or swept out to third-party database.
>The stored media recording and associated call record allows the
>captured media to be accessed by law enforcement personnel or network
>technicians for the purpose of troubleshooting call quality. Whether
>or not an individual call is recorded is done based on a finely
>granular policy that allows the network operator and law enforcement
personnel to
>determine who, what, and when to record.
>
>Thanks,
>Jim
>www.covergence.com
>jdonovan at covergence.com
_______________________________________________
Voipsec mailing list
Voipsec@voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic