Sensage for Telco

Telecommunication and Internet Service Providers are at the center of many investigations of cybercrime and cyber-terrorism. Their subscriber call detail records (CDR) and Internet Protocol Data Records (IPDR) provide forensic clues to law enforcement agencies who are investigating fraud, theft, terrorism, drug trafficking, child pornography and other crimes.

Regulations in the EU and emerging laws in the US demand two related capabilities: to store large amounts of xDR for long durations, and to rapidly find highly specific data in the log files. Read more about the specific solution Sensage offers for big data retention and management. 

What data is mandated?

Investigators may need to tap a variety of retained data: calling party, called party, date and time, call duration, result of the call, its transmission route, internet connection data, call type (voice, text, etc.), location of mobile communications equipment, transmission faults, billing and other information.

CDR/IPDR requirements may include details of internet email and internet telephony services, but not call content. Examples of the active and proposed regulations include

• The European Council swiftly issued Directive 2006/24/EC of the European Parliament as a result of attacks in Madrid and London (2004/2005) when cell phone calls were used to detonate bombs in both attacks. Telco and publicly available communications service providers in all 27 member states must collect CDRs for forensic analysis by law enforcement agencies for a specific period and dispose retained data according to the Directive.

• In the US, a similar requirement is poised to become law. H.R. 1981 introduces mandatory IPDR retention – including “temporarily assigned network addresses that the provider assigns to each account” (Sec. 4). This bill, known as the “Protecting Children From Internet Pornographers Act of 2011,” aims to use Retained Communication Data to help reduce child exploitation. It’s likely that agencies could use the mandated IPDRs for other investigative purposes unrelated to pornography.

• In addition, CDR/IPDRs can provide forensic analysis of a data breach. Notification for these is currently governed by 46 state laws, and is likely to be specified soon by national legislation in several competing bills.

With six to 24 months of retention required, this represents billions of records and terabytes of total data to maintain and manage. Sensage provides a scalable, high performance event data management and analysis platform featuring:

• Diverse data collection - captures and centrally aggregates all event records from all relevant sources including telephony, email messaging, web traffic and custom applications
• Efficient management - parses and stores event data in a highly compressed format to reduce storage requirements.
• High-speed, online analysis - rapid, pinpoint search through Terabytes of data, correlating across event source types.
• Scalable performance - exceptional data load and query performance that can be easily expanded.

In close partnership with EMC, Sensage delivers open solutions used by dozens of leading communications providers across the globe to capture, retain and analyze CDR/IPDR data at any detail level, all customized for their unique environments.

Sensage also partners with leading integrators and resellers who service Telco and Service Providers worldwide.