Technology specifics that are in motion…

January 8, 2009 on 10:17 am | By Peder | In Main | No Comments

Earlier this week the changes being seen from the impact of new regulations was mentioned.  What has been interesting to watch is the technology specifics that are in motion.  Technology for the support of Lawful Interception was often a circuit based such that clipping onto a phone line or Internet connection drove technology scaled to the performance of the one user.  As users moved to many devices and were mobile with thier communications, technology moved upstream interfacing to phone systems and network equipment that based upon awareness of the registered user selected appropriate information.  Today, relationships on the Internet are vast and dynamic and identity of a user is often not tied to a device or circuit.  As such systems must possess many new advanced analysis, inspection and capture capabilities in order to comply with the regulations.  Three notable technology requirements that really seem to clarify what I see in 2009 are: 10 Gigabit Ethernet, Full Content Capture and Protocol Specific User Identification.

 

Taking a look at 10 Gigabit Ethernet first, it seems off-hand as not new for 2009 but in this field I suggest that the meaning behind it really is.  For years we have seen 10GbE as coming, we have built systems that supported 10GbE and all marketed that we were first.  What is interesting is there really seems to be a migration from 10GbE is in the future or our network links are 10GbE but they really aren’t fully utilized to 10GbE means 10GbE.  What I mean by that is customer expectations and more importantly true need really deals with 10GbE means processing a fully utilized pipe and often bi-directionally for 20Gbps of unique data to inspect.  This has become a dramatic change in processing performance as DPI systems are essentially processing the data and moving from even uni-directional GigE or OC-48 systems to full duplex 10GbE is anywhere from an 8x to 20x processing increase from earlier generation systems in the DPI segment.  With large metro deployments in telcos, multiple 10GbE links are the norm not the exception.  This is where 2009 seems like a year of separating out the technology.

 

Full Content Capture is another area that directives and regulations appear to be driving change.  In the past, if content was seen of interest in a packet the desire was to capture it.  That evolved to if you see a session, or more specifically flow, that is of interest, capture the rest of it from here on out.  Now, the requests are that if you see information that identifies a flow of interest, make sure that the flow from the “start” of the conversation is captured.  In a sense, this is asking for systems to go back in time and record data.  As this is intersected with the 10GbE requirements this has led to large scale buffering systems to allow for arbitrary window sizes of time to be gathered such that it may be found of interest in the future.  This has led to very different architecture of solutions from the past and appears to be a new trend as we enter into 2009.

 

Protocol Specific User Identification is something that is old, but really speaks to the Internet age and the growth of protocols.  At its lowest level what I mean is looking at the content of an exchange with a web site and identifying the target based upon the credentials being passed.  As each and every web protocol or site establishes its own mechanism this leads to different methods for each.  Simply trying to do this for emails, within a specific region, can rapidly lead to dozens of variations. 

 

The interesting thing from a technology point of view is how vastly and fast the requirements throughout the world are changing in response to new regulations.  While the western world appears slower than other areas to pass such regulations the technology development continues to move along at a fast clip to keep up with global needs.  What will be interesting is how quickly these advanced capabilities spread across the landscape of customers and how the solutions will stand the test of time.