On 5/10/07, Jared Mauch <[email protected]> wrote:
If you're not offering VoIP services, your life may be easier as
you will only need to intercept the data. Depending on your environment
you could do this with something like port-mirroring, or something
more advanced. There are a number of folks that offer TTP (Trusted
third-provider) services. Verisign comes to mind. But using a TTP
doesn't mean you can hide behind them. Compliance is ultimately your
(the company that gets the subponea) responsibility.
Here's a question that's come up around here. Does a CALEA intercept
include "hairpining" or is it *only* traffic leaving your network?
I'm of the opinion that a CALEA intercept request includes every bit
of traffic being sent or received by the targeted individual, but
there is strong opposition here that thinks only internet-related
traffic counts.
- Jared (IANAL!)
--
Jason 'XenoPhage' Frisvold
[email protected]
http://blog.godshell.com