Skyriver has worked very hard on becoming CALEA compliant. We worked with a vendor Solera Networks on our project. They felt that we had an innovative solution to a very expensive problem. They have been selling capture devices for a number of years, but they asked me to participate in a podcast because of the creativity in the implementation.
Give it a listen:
A link to the mini-profile from Solera Networks
Solera Networks provides more than just a CALEA compliance solution to Skyriver
The deadline for CALEA compliance arrived and Skyriver needed a cost effective solution to quickly bring them into compliance. Solera Networks provided its Solera CALEA Appliance to enable Skyriver to provide lawful intercepts or “wire taps??? when requested by Law Enforcement Agencies.
Skyriver is a Fixed-Wireless broadband wireless carrier located in San Diego, California, providing enterprise grade high speed internet access to businesses throughout Southern California. In addition to enterprise grade bandwidth, they provide typical Internet Service Provider (ISP) solutions including, web-hosting, spam filtering and e-mail intrusion detection services. They also provide on-site network services and full infrastructure management and maintenance as well as deploy and maintain WiFi hotspots for hotels and other hospitality organizations. Skyriver has 40 employees located in Los Angeles, San Diego and Riverside, California.
In 1994, the U.S. passed a law called The Communications Assistance for Law Enforcement Act (CALEA). This act states that communications providers, including telephone companies and network and service providers must have the ability to tap any communication or data transfer carried over their networks when they receive a request from a Law Enforcement Agency—a procedure called lawful intercept. Providers must also make communication and network traffic details available to the agencies and monitoring must be carried out in a way that it is not detectable by those under surveillance.
For a small to medium ISP, this mandate can be an overwhelming prospect and the implication of the act seems to call for complicated, very expensive solutions.
“When we looked into the law, a lot of what I learned was that not everybody understood it the same way,??? says Brad Slavin, Vice President Engineering and Network Operations for Skyriver. “There were a lot of nebulous unknowns and we had to educate ourselves to find out what our responsibility actually was.???
Once the rules were clarified, Slavin’s role was to do a comprehensive due diligence and feasibility study by interviewing a number of network traffic monitoring vendors and Trusted Third Parties (TTP). “To become compliant we needed a vendor who understood what the requirements were, how they were going to impact an organization like ours and how to best respond to any lawful intercept requests we receive from approved agencies,??? he said.
“We looked at about nine different vendors,??? Slavin said. “Most of their solutions were coming in at $40k or more and we couldn’t justify that price for the sole purpose of becoming CALEA compliant. Also, the way they were requiring us to architect the network just didn’t make sense. One of the specifics most of the TTPs and appliance vendors had was their requirement to install one appliance at each Internet egress in order to be compliant. And from my perspective, there had to be a better way.???
Fortunately, Solera Networks was among the nine vendors Skyriver evaluated. Not only did Solera Networks provide an appliance to help Skyriver meet the CALEA regulations, the appliance also provided the added benefit of allowing Skyriver to monitor their own network traffic and improve performance for their customers—at a fraction of the cost of the other vendors.
Skyriver found that Solera Networks’ complete packet capture and stream-to-storage technology provides an elegantly simple CALEA compliance solution with full traffic recording, filtering and detail logging at a price point vastly lower than the competition. Solera Networks’ appliances, combined with standard packet analysis software, provides everything necessary to capture, analyze and preserve all digital communication sessions – VoIP, e-mail, chat, instant messaging, HTTP sessions, etc. – along with related intercept information.
The 1U Solera CALEA Appliance captures at OC12 data rates, has onboard storage capacity of 800 GB, and is designed to be deployed via a SPAN port or network TAP, allowing for streamlined and invisible network packet capture.
Once the data is captured, the network traffic can be accessed by LEAs through either an industry standard pcap file, a virtual network interface (Ethernet) device or a regenerated stream of packets to external network segments feeding external appliances or applications. Solera Networks also integrates with iSCSI and Fibre Channel providing numerous options for external storage options.
“When I initially learned of Solera Networks and its CALEA solution, I was stunned at the pricing,??? Slavin said. “It was about a quarter of the cost of anything else I had seen on the market and for a while I actually doubted they would be able to deal with the compliance issues in a solution that cost less than $10k. I was pleasantly surprised.???
When compliance is on the line there is no room for doubt. When a lawful intercept request comes in at four o’clock in the morning and their after hours technical support needs to take care of the capture, they needed the assurance of documentation, technical support, and consistent updates that a commercial solution provides.
“The bottom line is we have received our response from the FCC,??? Slavin said. “We have been stamped and signed off as a ‘CALEA Compliant’ ISP and we are ready to respond in any of our markets to a lawful intercept request at the drop of a hat!???
In fact, Skyriver can act so quickly with a response to lawful intercept request Slavin said they would have no problem meeting even the four hour window they would be placed under during an Amber Alert requirement.
Lawful intercept was the initial reason Skyriver implemented Solera Networks’ appliance, but this is only one area where Solera Networks solutions improve a company’s network performance. With full capture, filter and playback capabilities combined with other standard network analysis tools, Solera Networks gives Skyriver a comprehensive historical engine to improve network security, enable network forensics and analysis, and improve overall network performance. In addition to reconstructing communications, Solera Networks solutions can be used to detect intrusions and determine sources of high bandwidth use or erratic activity.
“It’s my expectation that when using the device to perform network analysis, if there is an event, its going to really reduce our time to respond. It seems that we started out looking for a table knife but ended up getting a Swiss Army Knife. Because it provides a complete and accurate picture of network activity and performance, this is going to handle a lot more of our day to day networking needs than being a dumb box that just sits there, waiting for a specific lawful intercept request that may or may not happen any time soon,??? he said.
“From a capture prospective this is not only a CALEA compliance solution but also a robust and cost-effective solution,??? Slavin said. “We’ve really shifted from an ‘I wish I could’ perspective for our engineers to a ‘Hey, I know we can do this!’???