Access Point Deep Packet Inspection (AP-DPI)

Access Point Deep Packet Inspection (AP-DPI) System

The DPI is a powerful network appliance that enables the interception and real-time monitoring of internet applications, protocols, traffic data and meta-data. Although primarily a law-enforcement or intelligence gathering system, it can also be successfully deployed as an effective data retention or content filtering platform that is capable of deep packet inspection over fixed line and mobile networks. The DPI can correlate the flow of traffic between different protocol layers, for example, SIP-RTP, RADIUS-IP, GTP-C and GTP-U sessions, and is not limited to capturing data on the packet level. Unlike most deep packet inspection products, the DPI is able to extract protocol data and appplication meta-data from over 1000 protocols – in real-time. It leverages bleeding edge technologies and proprietary know-how to decode application sessions, decapsulate tunneling protocols, detecting encrypted protocols and reassemble TCP/IP flows. As a result, it can extract relevant data such as e-identities, timestamps, network addresses and application identifiers, phone numbers, URLs as well as selected content. The end-result being a much deeper inspection of real-time network data. Because the AP-DPI is fully integrated into LIMS, captured data can be processed in real-time and immediately secured and mediated before delivery to an authorized law-enforcement or intelligence agency. The hand-over interfaces are fully compliant with both ETSI and 3GPP standards which makes the AP-DPI a cost-effective, flexible turn-key solution.

Features

  • Deep Packet Inspection in fixed and mobile networks
  • Real-time Monitoring of IP-based applications & protocols
  • Supports more than 1000 protocols and applications
  • Target-based interception
  • IPDR generation
  • Key-word filtering
  • 1G and 10G Ethernet ports
  • Up to 20 Gbps
  • Central management by Utimaco LIMS
 

Protocols

  • Signature-based detection of hundreds of protocols and applications
  • Full decoding of various protocols and real-time interception of application data
  • Correlation of data between flows and protocol layers
  • Automatic decapsulation of tunnelling protocols
  • TCP/IP reassembly
  • Flow buffering in memory
  • Detection of encrypted protocols
 

Standards

  • ETSI TS 102 232-1/2/4/5
  • 3GPP TS 33.108

Benefits

  • 100% transparent, fully passive
  • Turn-key solution
  • Fully integrated in LIMS
  • Cost-effective
 

Lawful Interception

  • Target-based interception of IP data and application data
  • IP address, IP address range, port number
  • MAC address, MPLS label, VLAN tag
  • Email address
  • SIP-URI, TEL-URL
  • IMSI, IMEI, MSISDN
  • Application user ID
  • URL
  • Keywords incl. wildcards
  • Standards-based delivery
 

Data Retention

  • Real-time metadata extraction of various protocols
  • Correlation of metadata from different protocol layers
  • Central collection by Data Retention Suite (DRS)

Related Posts

About The Author

LiveZilla Live Chat Software