Taking a look at 10 Gigabit Ethernet first, it seems off-hand as not new for 2009 but in this field I suggest that the meaning behind it really is.  For years we have seen 10GbE as coming, we have built systems that supported 10GbE and all marketed that we were first.  What is interesting is there really seems to be a migration from 10GbE is in the future or our network links are 10GbE but they really aren’t fully utilized to 10GbE means 10GbE.  What I mean by that is customer expectations and more importantly true need really deals with 10GbE means processing a fully utilized pipe and often bi-directionally for 20Gbps of unique data to inspect.  This has become a dramatic change in processing performance as DPI systems are essentially processing the data and moving from even uni-directional GigE or OC-48 systems to full duplex 10GbE is anywhere from an 8x to 20x processing increase from earlier generation systems in the DPI segment.  With large metro deployments in telcos, multiple 10GbE links are the norm not the exception.  This is where 2009 seems like a year of separating out the technology.

Full Content Capture is another area that directives and regulations appear to be driving change.  In the past, if content was seen of interest in a packet the desire was to capture it.  That evolved to if you see a session, or more specifically flow, that is of interest, capture the rest of it from here on out.  Now, the requests are that if you see information that identifies a flow of interest, make sure that the flow from the “start” of the conversation is captured.  In a sense, this is asking for systems to go back in time and record data.  As this is intersected with the 10GbE requirements this has led to large scale buffering systems to allow for arbitrary window sizes of time to be gathered such that it may be found of interest in the future.  This has led to very different architecture of solutions from the past and appears to be a new trend as we enter into 2009.

Protocol Specific User Identification is something that is old, but really speaks to the Internet age and the growth of protocols.  At its lowest level what I mean is looking at the content of an exchange with a web site and identifying the target based upon the credentials being passed.  As each and every web protocol or site establishes its own mechanism this leads to different methods for each.  Simply trying to do this for emails, within a specific region, can rapidly lead to dozens of variations. 

The interesting thing from a technology point of view is how vastly and fast the requirements throughout the world are changing in response to new regulations.  While the western world appears slower than other areas to pass such regulations the technology development continues to move along at a fast clip to keep up with global needs.  What will be interesting is how quickly these advanced capabilities spread across the landscape of customers and how the solutions will stand the test of time.

As the world has begun to change or update regulations, such as those seen in the European Union with regards to data retention for the support of law enforcement DIRECTIVE 2006/24/EC OF THE EUROPEAN PARLIAMENT, these are driving significant new changes to the telecom landscape.  The extent of these regulations drives growth of interception technology at pace with the network growth itself.  The expense of these systems as well as the complexity of protection of the privacy of the data gathered is changing the technology requirements unlike what has been seen before.  The big questions this leads to is how fast can compliance be achieved and will this change the landscape of the class of companies that can support this scale of deployments?  Also, what impact will this have on the architecture of the telecom provider’s networks as data collection is not a small issue but core to even how the network could be architected to support such directives?  Will this lead to specific variants of technology, such as the thesis of some of the DPC specific vendors for technology designed exclusively for these directives or will the costs of such a large scale deployment require common infrastructure with the telco gear to drive down CAPEX and OPEX of supporting the directive?

In many ways, more questions than answers but clearly lots of change.

Read More: International Mandates : Changing the Way Law Enforcement Operates