|all-speed Ethernet and optical fiber tap units||Innovative Design Delft|
Any Dutch ISP can have a government compliant system in approximately two weeks
For 7000 euro, any ISP, small or large, can acquire an FT-E10/100 unit and can, in approximately two weeks, have a working interception system that is compliant with Dutch Law. IDD will assist ISP personnel in setting up the system and in obtaining and exchanging X.509 certificates used for authentication with government systems. All FT-system units come with one year of maintenance, including gradual software updates and installation of these updates. All components are guaranteed to have minimal impact on normal operations of the ISP. If you have any questions, please don't hesitate to ask: firstname.lastname@example.org
Setup for medium and large ISPs
This section gives a general overview of what may be required to set up an FT-system to make a medium or large internet provider's network interceptable.
The connection archive is a server that maintains a database of all connections provided during six months (default). It keeps track of all current connections by communicating with the IP-assigning servers on the network and of all other connections that have to be stored for retrieval by Law Enforcement. When the Connection Archive is started, it initiates contacts with all IP-assigning servers it knows. After initiation by the Connection Archive, the IP-assigning servers keep the Connection Archive up to date with connection information. The Connection Archive continuously synchronizes all stored information to a backup server. If the primary Connection Archive fails, an operator can immediately revert to the backup Archive.
All common versions of DHCP and Radius are supported, also DHCP option 82 in it's various forms is included with the basic FT-x software.
This server has a permanent connection with the Connection Archive. When a warrant is received, an operator enters the required customer information into the Tap Manager. The Tap Manager keeps track of the operation of all tapping devices, such as the FT-x tap units and any mail-servers with tap-clients. The Tap Manager continuously synchronizes it's information with a backup server. If the primary tap server fails an operator can immediately revert to the backup server.
The actual tap unit. After startup the FT-x passively waits for polling requests of the initiating Tap Manager. On initialization, the tap unit receives all necessary information from the Tap Manager to tap the desired IP numbers, and to send the intercepted data to LEMF through the TIIT protocol. The FT-x tapping modules are highly secure units that start from a CDROM.
Because for example also BCC headers are needed by law the mail-server software will require a patch to copy to be tapped mail and send it to a shadow mail box. All shadow boxes are read by the FT-x system and contents are sent to law enforcement with TIIT encapsulation.
Feature list of the FT-x units
All tapping units and servers are currently based on a Dell 850 1U server with 2x 10/100/1000 Ethernet ports.
All tapping equipment comes with 1 year on site maintenance and gradual software updates. Contracts will be subject to our Conditions and Terms (Dutch)