vALIS: A Transition Path for Lawful Interception in Network Functions Virtualization
The AQSACOM™ Lawful Interception System (ALIS), is globally recognized as a premier solution managing Lawful Interception for voice and data networks, covering PSTN, GSM, GPRS, LTE, CDMA, WCDMA, VoIP, xDSL, Satellite, E-Mail, and more. To address the industry trend towards Network Functions Virtualization, AQSACOM™ has developed a virtual ALIS solution (vALIS) operating as a Virtual Network Function (VNF) over virtual machines running on commodity server hardware. Thus, carriers worldwide can take advantage of their server farms and virtualized computing and networking environments to operate Lawful Interception in a highly secure and scalable manner.
The vALIS solution is comprised of the following features:
- Software-based. The software is decoupled from underlying hardware infrastructure.
- Hardware agnostic. vALIS operates over common commodity hardware typically used in data centers.
- APIs for third-party software integration.
- Real-time, Proactive Failure Management. Resource utilization monitoring includes, for example, CPU, vCPU, virtual memory, virtual IO, etc., alarm correlation, and trend analyses.
- Flexible Hypervisor Support.
- Quality of Service in CPU and I/O resources. vALIS accounts for the data processing throughput requirements that LI regulations and the LEAs demand. QoS is currently being addressed within the ETSI NFV ISG and other forums.
- A wide array of Alarms and Statistics Reports. These include, for example, notification when a session is interrupted or running in a degraded condition, statistics such as the number of active interceptions in a given time interval, utilization of LI system resources, and logs for tracking of past LI events.
However, this is only a step towards true Network Functions Virtualization (NFV). AQSACOM™ is now working as an active player in the ETSI NFV Security Industry Specifications Group to iron out the steps and industry practices that will enable Lawful Interception to operate as a virtualized function over partially and fully virtualized networks.