Lowering the Total Cost of Ownership for Lawful Intelligence Solutions

Racks of network servers and other computer hardware along a long white hallway

The convergence of communication data with other types of digital traffic – notably media content – and the continued adoption of 5G networks is creating massive data flows around lawful interception subjects of interest. Both mobile and fixed connections commonly carry large flows of media content, such as on-demand video, that dwarf the more valuable data sought by investigators. In the typical raw mediation feed from a target device, that flood of media content tends to bloat intercepted data volumes while providing little or no actionable intelligence.

As the volume of data from a mediation feed increases, so does the cost and complexity of transmitting, analyzing, and retaining it. For example, passing the contents of an intercepted feature film from a communication service provider (CSP) to a law enforcement agency (LEA) or other authority is a poor use of the required bandwidth, and that feature film also likely wastes valuable investigative resources while yielding few new insights. When combined with the rising costs of data storage and regulatory requirements for redundancy and duration, retaining large volumes of low-value data can prove very costly.

Curating the Data Flows

The SS8 platform helps optimize intercepted data using the Xcipio intelligent filtering solution, which separates the high-volume, low-value streaming video that commonly comprises as much as 80% of traffic. Using Packet Header Information Reporting (PHIR), it analyzes packet IP headers to identify data payloads associated with streaming services such as Hulu and Netflix so they can be treated as a distinct category. That content can then be excluded from analytics entirely to avoid obscuring evidence within the entire data set or set aside to be viewed later. Xcipio filtering can also send an analyst a report summarizing the metadata associated with the content, such as the duration of the media and the time and place it was consumed, rather than the full, raw content.

In addition to offering this filtering solution through Xcipio itself, the platform’s cloud-native architecture and standardized interfaces allow it to be deployed independently as a containerized microservice. This “grey box” approach makes it possible to incorporate Xcipio’s PHIR functionality with mediation solutions from other providers, helping extend the life of current tools and address the cost and complexity of transmitting, analyzing, and retaining mixed data.

Reducing the Burdens of Transmission

The data links from CSPs to LEAs are an inescapably limited resource, and regulatory requirements for data redundancy and high availability add even further to connectivity costs. Rising traffic volumes are already requiring additional expenses to scale up mediation and monitoring services, and many LEAs simply do not yet have the capability for multi-gigabit data delivery.

Regardless of whether the CSP or LEA bears the cost of the connections themselves, both must provide and support the related internal infrastructure, including the scale-up of security functions. The costs of cryptographic defenses, VPNs, encryption, firewalls, intrusion detection systems, and other network security apparatus is dependent on traffic volumes, which is a financial incentive for all parties to use bandwidth judiciously. The Xcipio filtering solution and summary reporting capability allows analysts to decide whether it is worth transmitting the entire intercepted media content to gain additional investigative leads.

Building Efficiencies in Data Retention

In addition to the increasing complexity of transmitting and consuming lawfully intercepted data, mandates for data retention mean storage costs are rising too (and in the case of cloud storage, the costs of retrieval as well). Xcipio filtering can be a valuable tool for LEAs considering how to reduce excess fat in their databases. This is especially true given the common requirement for separate, redundant backups during mandated retention periods, which causes storage costs to multiply quickly.

Further, the SS8 platform provides an alternative, short-term buffering solution that helps take transient pressure off lawful intelligence infrastructure. For example, if a CSP to LEA link is overwhelmed or unreliable, Xcipio’s Retained Data Delivery (XCRDD) tool prioritizes the data in order to transmit critical intercepted information first and the remainder later, when bandwidth is available, without packet loss. Combined, SS8’s solutions help find and act on the most important data, working together to make investigators more effective.

Streamlining the Analysis of Intercepted Data

Improving the signal-to-noise ratio in intercepted data is a clear advantage from the analyst’s perspective. The ability to exclude irrelevant content improves efficiency, making it possible to scale investigations using technology instead of headcount. In addition to focusing them on the need-to-know information, SS8’s platform also gives investigators powerful data fusion capabilities to improve analysis and draw new insights.

SS8’s MetaHub platform unifies diverse sets of raw data, combining communications data with other sources such as OSINT, location intelligence, surveillance, and automated number plate recognition systems to enrich potential evidentiary findings. MetaHub allows complex, multi-dimensional querying against this body of refined and enriched data to yield insights that cost-effectively advance investigations.

With 5G driving ever-increasing data volumes – and storage prices – SS8’s filtering, buffering, and fusion solutions are essential for CSPs and LEAs seeking to lower the total cost of ownership, and carbon footprint, of their mediation or monitoring platform while improving investigative results.

About David Anstiss

David Anstiss Head Shot - SS8 Networks

David Anstiss is Director of Solution Engineering at SS8 Networks. He has been with SS8 since 2015 and has significant experience in critical network architecture technology and advanced data analytics. He currently works as part of the Technical CTO Group under the leadership of Dr. Cemal Dikmen and is responsible for leading engagement with both intelligence agencies and Communication Service Providers (CSPs) around the world. He has been instrumental in helping them transition to 5G, defining system requirements to meet regulatory compliance. As a member of ETSI, he represents SS8 to ensure the adoption of cloud-native infrastructure is met with industry best practices and to guarantee that compliance of lawful interception is maintained. Learn more about David here on his LinkedIn profile.

About Rory Quann

Rory Quann headshot v2Rory Quann is Head of International Sales at SS8 Networks and brings with him over 10 years of experience in the Lawful Interception and Data Analysis industry. Prior to joining SS8 in 2013, Rory worked for BAE System Applied Intelligence where he was focused on large scale Government deployments of Intelligence Solutions. Rory has held multiple positions in the Lawful Intelligence space ranging from Deployment Engineer, System Consultant, and Sales Engineer focusing on Country-wide Passive deployments. Rory is a Certified Microsoft MCSA Engineer and EMC Certified deployment Engineer. You can learn more about Rory on his LinkedIn profile by clicking here.

About SS8 Networks

As a leader in Lawful and Location Intelligence, SS8 helps make societies safer. Our commitment is to extract, analyze, and visualize the critical intelligence that gives law enforcement, intelligence agencies, and emergency services the real-time insights that help save lives. Our high performance, flexible, and future-proof solutions also enable mobile network operators to achieve regulatory compliance with minimum disruption, time, and cost. SS8 is trusted by the largest government agencies, communications providers, and systems integrators globally.

Intellego® XT monitoring and data analytics portfolio is optimized for Law Enforcement Agencies to capture, analyze, and visualize complex data sets for real-time investigative intelligence.

LocationWise delivers the highest audited network location accuracy worldwide, providing active and passive location intelligence for emergency services, law enforcement, and mobile network operators.

Xcipio® mediation platform meets the demands of lawful intercept in any network type and provides the ability to transcode (convert) between lawful intercept handover versions and standard families.

To learn more, contact us at info@ss8.com.

Follow Us LinkedIn       Or X @SS8

SS8 Newsletter

LATEST WEBINAR

THE DATA SILO DILEMMA FOR LAW ENFORCEMENT

How to Ingest, Filter and Query 5G Volumes

Webinar Presented by Kevin McTiernan

CLICK HERE to watch!