The last decade has seen an explosion of virtualized deployments for cost saving and flexible deployment scenarios. Virtualization enables Service Providers to quickly deploy 5G and IoT services and to deploy a multitude of new services. However the impacts on compliance, law enforcement requirements, and standards are becoming evident. New challenges are being encountered in the following three areas:
- Securing the new virtual environments from intrusion
- The requirement to transport large amounts of virtual network traffic and comply with law enforcement requests
- The requirement to increase targeting due to more deployed devices across emerging services
Securing the Virtual Environment
Services such as 5G will be deployed primarily on virtual infrastructure including new Law Enforcement centric mediation components such as the Administration and Management Function (ADMF), Mediation Delivery Function 2 (MDF2) and Mediation and Delivery Function 3 (MDF3) components. These components utilize sensitive targeting information and the virtual instances or containers can be dynamically distributed in multiple regional datacenters as the network scales.
The primary challenges facing Service Providers is limiting access to the sensitive information present in the dynamically deployed mediation elements noted above, to only authorized personnel. Also Service Providers need to ensure the virtual image or container for Lawful Interception cannot be cloned or abstracted without authorization.
Transporting Large Amounts of Traffic to Law Enforcement
5G virtual deployments will enable a significant increase in subscriber and potential target traffic. It is anticipated to be a multiple of 200x 4G traffic per target. Additionally, virtualized services such as Mobile Edge Computing (MEC) require MDF3 instances to be deployed at the edge of the network, to avoid backhauling traffic to the network core.
To address the above challenges, Service Providers need to look at new network transport solutions in order to aggregate and securely deliver law enforcement related traffic at the virtualized 5GC rates. Additional buffering and or filtering capabilities can be introduced to mitigate the impact of delivering high volumes of traffic to Law Enforcement agencies.
Virtualization Impacts on Service Provider Targeting
Virtualization will enable many new technologies, driving a large increase in the number of devices being deployed and supported on 5G. These include IoT, autonomous vehicles, gaming, virtual reality and many newer emerging services. The number of deployed devices is expected to grow from 10 to 100x.
More services and devices will result in more targeting by Law Enforcement. Targeting can also be impacted by the transition from physical 4G to virtual 5G networks, which will require Service Providers to provision a subscriber target twice, once in both networks.
Additionally, requests for a targets real-time location information are likely to increase as Law Enforcement seeks to take advantage of the deployment of virtual 5G related Pico, Micro, and Macro cells. These provide access to the more accurate location information that these distributed base stations can provide.
Compliance Conclusion
As more and more virtualized networks are rolled out and leveraged, the above-mentioned compliance concerns will need to be addressed. The traffic volumes per target will be more than we have ever encountered before, close to 10x within a year and 50x within 3 years. Lawful Intercept solutions will need to scale, not only to handle the data volumes and the increased diversity of devices, but also to collect the required LEAs information from multiple datacenters and networks at once.
So, what a true scalable end-to-end solution will do ironically sounds simple, but it isn’t. Compile and analyze a targets information and provide it to the requesting LEA faster.
For more information, visit www.ss8.com or follow us on Twitter @SS8 or LinkedIn.
About SS8 Networks
SS8 provides Lawful Intelligence platforms. They work closely with leading intelligence agencies, communication providers, law enforcement agencies and standards bodies and their technology incorporates the methodologies discussed in this blog. Xcipio® is already proven to meet the very high demands of 5G and provides the ability to transcode (convert) between lawful intercept handover versions and standard families. Intellego® XT natively supports ETSI, 3GPP and CALEA handovers, as well as national variants. Intellego XT’s MetaHub component is a best-in-class data analytics tool. Both product portfolios are used worldwide for the capture, analysis and delivery of data for the purposes of criminal investigations.
