How do spooks build surveillance rigs? In Oz they TENDER for it

Federal Police seek kit capable of swallowing Euro-standard intercepts

Australia's Federal Police force (AFP) has issued a tender for deep packet inspection (DPI) kit capable of processing data encapsulated by the European Telecommunications Standards Institute's ETSI 102 232 format for lawfully-intercepted communications.

Why does the AFP need to listen to telecoms intercepts? Aside from the fact it's a policing outfit, the Force's “About” page says “The nature of the AFP and what is required of it, has changed significantly in recent years. The AFP has responded to a rapidly changing environment and this has required a greater focus on national and international operations.”

Some of those international operations are peace-keeping missions in Pacific nations where rule of law has broken down. Others concern terrorism and cyber-crime, matters that would make listening to telecom interceptions from abroad quite useful.

After reading the tender, Vulture South is leaning towards the force needing kit capable of listening in on its own networks and processing data from outside sources, based on the following list of requirements the successful tenderer will be required to demonstrate:

  • The appliance must analyse flows at 10 Gbps
  • The appliance must be able to accept TCP/IP as an input
  • The appliance must be able to receive IPv4
  • The appliance must be able to receive IPv6
  • The appliance must be able to identify services
  • The appliance must be able to identify applications (Layer 7)
  • It is recommended that the appliance can be expanded to higher speeds
  • The appliance should be able to accept a network flow encapsulated as ETSI 102 232 as an input
  • The appliance should be able to accept PCAP captures as an input
  • The appliance should be able to separate flows based on multiple inputs of MPLS
  • The appliance should be able to separate flows based on multiple inputs of VLAN
  • The appliance should identify Anti-Virus
  • The appliance should identify Malware
  • The appliance should identify Communication Applications
  • The appliance should identify Mobile Applications
  • The appliance should extract and store metadata
  • The appliance should de-capsulate tunnelling protocols
  • The appliance should detect different types of encryption
  • The appliance should filter based on keywords
  • The appliance should filter based on protocols
  • The appliance should filter based on applications
  • The appliance should filter based on IP lists
  • The appliance should filter traffic based on port lists

The tender also calls for the chosen appliance to possess the ability to create logs and to log filtered data, plus a requirement “not drop packets, both malformed or corrupt”.

Over to you, readers. Is the AFP rolling its own PRISM or just taking care of business? The tender is here if you want to read more for yourself. ®
