Prerequisites for Implementing Lawful Intercept
Lawful intercept implementation requires that these prerequisites are met:
-
Cisco NCS 5500 Series Router is used as content Intercept Access Point (IAP) router in lawful interception operation.
-
Provisioned Router—The router must be already provisioned.
Tip
For the purpose of lawful intercept taps, provisioning a loopback interface has advantages over other interface types.
-
Management Plane Configured to Enable SNMPv3—Allows the management plane to accept SNMP commands, so that the commands go to the interface (preferably, a loopback interface) on the router. This allows the mediation device (MD) to communicate with a physical interface.
-
VACM Views Enabled for SNMP Server—View-based access control model (VACM) views must be enabled on the router.
-
Provisioned MD—For detailed information, see the vendor documentation associated with your MD.
-
QoS Peering— QoS peering must be enabled on the router for Lawful Intercept to work.
Note
The Lawful Intercept feature has no intersection with the QoS feature on the router. Enabling the QoS peering profile with hw-module profile qos ingress-model peering command on all the required line cards, allows QoS and Lawful intercept to allocate hardware resources.
-
The MD uses the CISCO-TAP2-MIB to set up communications between the router acting as the content IAP, and the MD. The MD uses the CISCO-IP-TAP-MIB to set up the filter for the IP addresses and port numbers to be intercepted.
-
The MD can be located anywhere in the network but must be reachable from the content IAP router, which is being used to intercept the target. MD should be reachable only from global routing table and not from VRF routing table.