Home > Wireless LAN > Other Topics > CALEA Compliance - Wire taps and historical logs

CALEA Compliance - Wire taps and historical logs

Background

Customers sometimes ask whether they can comply with local telecommunications laws when using a Meraki system.  

The short answer: Meraki Enterprise WLAN solutions allow customers to fully comply with CALEA by using bridge-mode to assign IP addresses from the customer's own DHCP server.  Meraki's solution is, from the CALEA point of view, identical to any other wireless LAN provider, including Cisco and Aruba.

The long answer: While requirements vary significantly from country to country, they typically fall into one of two buckets: wire tapping and historical logging.  In the U.S., the set of laws governing wire taps is known as CALEA.

Carrier Edition "Intercept" Features

The Meraki Carrier Lawful Intercept was discontinued with the introduction of Enterprise Edition.

Wire Taps

In this scenario, a law enforcement agency asks a service provider to record all data that a specific user sends and receives for some duration of time in the future.  The ability to comply with such a request is what is generally referred to as “CALEA Compliance.”  

By using their own DHCP server, the customer can correlate IP addressees with specific customers, which is the key to being able to perform a wire tap.

Note that the service provider still needs to have their own wire tapping hardware, sold by companies like SS8.  This hardware is often quite expensive.In practice, this solution is really only suitable for large telcos.  Smaller telcos, or those using distributed backhaul, cannot easily comply.

Historical Logs

In this scenario, the FBI might want a service provider to tell them who was downloading illegal content from a specific URL for some time in the past.  The FBI gives the service provider an IP address and a time, and wants to know who it was.

Service Providers have been receiving subpoenas like this for many years.  In general, compliance has not been too difficult - the service provider just looks at his DHCP logs.  Even small service providers ($10M/year) get several subpoenas like this per month.

The service provider uses their own logs to provide information to the law enforcement agency.

You must to post a comment.
Last modified
13:37, 16 Feb 2015

Tags

Classifications

This page has no classifications.

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community