Feeds

How do spooks build surveillance rigs? In Oz they TENDER for it

Federal Police seek kit capable of swallowing Euro-standard intercepts

Beginner's guide to SSL certificates

Australia's Federal Police force (AFP) has issued a tender for deep packet inspection (DPI) kit capable of processing data encapsulated by the European Telecommunications Standards Institute's ETSI 102 232 format for lawfully-intercepted communications.

Why does the AFP need to listen to telecoms intercepts? Aside from the fact its a policing outfit, the Force's “About” page says “The nature of the AFP and what is required of it, has changed significantly in recent years. The AFP has responded to a rapidly changing environment and this has required a greater focus on national and international operations.”

Some of those international operations are peace-keeping missions in Pacific nations where rule of law has broken down. Others concern terrorism and cyber-crime, matters that would make listening to telecom interceptions from abroad quite useful.

After reading the tender Vulture South is leaning towards the force needing kit capable of listening in on its own networks and processing data from outside sources, based on the following list of requirements the successful tenderer will be required to demonstrate:

  • The appliance must analyse flows at 10 Gbps
  • The appliance must be able to accept TCP/IP as an input
  • The appliance must be able to receive IPv4
  • The appliance must be able to receive IPv6
  • The appliance must be able to identify services
  • The appliance must be able to identify applications (Layer 7)
  • It is recommended that the appliance can be expanded to higher speeds
  • The appliance should be able to accept a network flow encapsulate as ETSI 102 232 as an input
  • The appliance should be able to accept PCAP captures as an input
  • The appliance should be able to separate flows based on multiple inputs of MPLS
  • The appliance should be able to separate flows based on multiple inputs of VLAN
  • The appliance should identify Anti-Virus
  • The appliance should identify Malware
  • The appliance should identify Communication Applications
  • The appliance should identify Mobile Applications
  • The appliance should extract and store metadata
  • The appliance should de-capsulate tunnelling protocols
  • The appliance should detect different types of encryption
  • The appliance should filter based on keywords
  • The appliance should filter based on protocols
  • The appliance should filter based on applications
  • The appliance should filter based on IP lists
  • The appliance should filter traffic based on port lists

The tender also calls for the chosen appliance to possess the ability to create logs and to log filtered data, plus a requirement “not drop packets, both malformed or corrupt”.

Over to you, readers. Is the AFP rolling its own PRISM or just taking care of business? The tender is here if you want to read more for yourself. ®

Protecting against web application threats using SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.