At 03:23 PM 5/10/2007, Sean Donelan wrote:
On Thu, 10 May 2007, Patrick Muldoon wrote:
We've been under the impression that is *all* data. So for us,
things like PPPoE Sessions, just putting a tap/span port upstream
of the aggregation router will not work as you would miss any
traffic going from USER A <-> USER B, if they where on the same
aggregation device. Since the Intercept has to be invisible to
the parties being tapped, you can't route their traffic back out
and then in either, since the tap would change the flow. In that
regard, we've been upgrading our older NPE's to newer ones in order
to support SII, All the while I keep having something a co-worker
said stuck in my head. "CALEA - Consultant And Lawyer Enrichment Act" :)
If you are doing PPPOE over another carrier's ATM network, are you really
a "facilities-based" provider? Or is the CALEA compliance the
responsibility of the underlying ATM network provider to give LEA
access to the ATM VC of the subscriber under surviellance?
Just had this conversation with one of my clients, and it's a good
question. Seems like the telco providing the ATM (or other) access
cloud might be the responsible party. The ISP reselling that DSL is
too far upstream anyway to capture traffic between users of the same
DSL cloud, though they could capture traffic between those DSL users
and other users of their network or the Internet at large.
Consult your attorney, of course.
