IEA Software, Inc.

IEA Software Knowledge Base - ID:56497

IEA Knowledge base

RadiusNT (KB ID: 56497)

Feb 1 2007

Does Emerald and RadiusNT/X enable call and network traffic intercept per government regulation for law enforcement assistance such as the US CALEA requirements?

Feb 1 2007

Intercepts can be configured via encrypted RADIUS reply attributes in Cisco routers and access servers running IOS.

Information on configuring this is avaliable from the Cisco web site:

The encrypted attribute mentioned in this document is avaliable starting with RadiusNT/X 5.1.26 or later and Emerald 5.0.25 or later. The encrypted attribute is named "Cisco-Encrypted-AVPair" within Emerald/RadiusNT.

If you will be configuring intercepts using this method we recommend configuring attribute data filters to append the attributes to the target users normal attributes. Use of data filters prevent normal account operators from having knowledge of an account configured for intercept.

Feb 1 2007

Most intercept schemes use "mediation" software to perform two vital roles enabling call/traffic intercept. First is the association of network traffic based on network address with the individual being monitored. Secondly the collection and transmission of relevent traffic to the government for processing.

The first part of this process in a typical service provider environment is accomplished by monitoring the network for "signaling" information such as RADIUS authentication and accounting messages. In turn this data is used to identify the specific network flows (IP,MAC,interface..etc) relevent to the individuals under surveillance. This function is typically handled by the mediation software in a passive manner not requiring additional configuration in Emerald or RadiusNT/X.

The second facet involving the configuring of access devices to "mirror" traffic or network probes to do the same for transmission to the government. This is generally accomplished by the mediation software and is well outside our ability to effect or assist with.

Please refrain from the following questions with respect to intercept capabilities of our software:

1. Ask if we are "CALEA Compliant"
2. Ask us questions about government regulations that may apply to you.

The reality of the situation is we are not in much of a position to assist with call/traffic intercept however we very much would like to assist you in any capacity we are reasonably able to. To this end we will be adding technical information on configuring specific network devices for intercept purposes including any necessary configuration within Emerald and RadiusNT/X. We also welcome feedback on what in specific terms we can do to help you meet the intercept requirements of your government in future updates of our software.