IMSI, MS-ISDN & IMEI Filtering with
Cubro EXA24160 Sessionmaster
EXA24160 Deployment example at a European
Mobile Operator
May 2018
www.cubro.com
Purpose of this presentation
This presentation explains the concept of IMSI
Filtering using Cubro products.
It describes the entire Cubro solution from layer 1
tapping, aggregation, load-balancing to traffic
correlation as implemented by a European mobile
operator.
Project Goals
• Due to the high traffic volume, monitoring
all user plane traffic does not make
sense.
– And by law it is not allowed without a specific
order from an authority or the agreement of the
user.
• However, for troubleshooting, full call
monitoring/tracing is vital. It requires
both the signalling and the user data of a
specific customer.
• Therefore, the customer requires an on-demand
IMSI filtering solution that
correlates signalling and user plane.
Challenges
• Find all signalling and user-
plane traffic of a specific IMSI,
MSISDN or IMEI.
– Total traffic volume several
hundred Gbps
– Mixed technology (3G & 4G)
• Security
– Highly sensitive information –
strict rules to access data
– User agreement to activate
monitoring (user support portal)
• Scalability
– Due to massive traffic growth
scalability is a must
Terms
• IMSI … International Mobile Subscriber Identity
– The IMSI is used to identify the user of a cellular network and
is a unique identification associated with all cellular networks.
The IMSI is usually provisioned in the SIM card.
• MSISDN … Mobile Station International Subscriber
Directory Number (=Telephone Number)
– MSISDN is a unique number identifying a subscriber in a
mobile network. Simply put, it is the mapping of the telephone
number to the SIM card in a mobile/cellular phone. The
MSISDN together with IMSI are two important numbers used
for identifying a mobile subscriber. A SIM has a unique IMSI
that does not change, while the MSISDN can change in time,
i.e. different MSISDNs can be associated with the SIM.
• IMEI … International Mobile Equipment Identity
– The IMEI is a unique number that identifies mobile devices
(=hardware identification). The IMEI number is used by a
mobile network to identify valid devices and therefore can be
used for stopping a stolen phone from accessing that network.
IMSI Filtering
• Throughout this presentation the term IMSI
Filtering means filtering out signalling plane and
user plane traffic of a specific user/call.
• This specific user can be identified by:
– IMSI
– MSISDN
– IMEI
Deployment Overview
[Diagram: vEPC Site 1 and vEPC Site 2, each with Tapping and Aggregation; vEPC Central Site with Tapping and Aggregation, followed by Filtering, Load-Balancing, IMSI Filtering and Traffic Distribution to the Monitoring Tools]
Layer 1 Tapping at Site 1 and 2
• Cubro MTP TAP
– 4 MTP Links in 1/3 U 19”
– supports 40G and 100G
– totally passive and secure
[Figure labels: 4 x 40G live traffic; monitoring outputs 8 x 40G to Packetmaster EX20400 for aggregation]
Aggregation at Site 1 and 2
• Cubro Packetmaster EX20400
– 20 x 40G plus 4 x 40G/100G ports via QSFP/QSFP28
– 2,4Tbps throughput!
– Aggregation, Filtering, Load-balancing
– Managed via WebGUI and Cubro Vitrum
[Figure labels: 8 x 40G inputs from MTP TAPs; 4 x 100G load-balanced outputs; total traffic load about 240Gbps]
• EX20400 aggregates all incoming
vEPC traffic of site 1 and 2 (user and
signaling) and load-balances it by
means of five tuple hashing.
– Filtering is not used, in order to have all traffic
available at the Central Site.
Transport Network to Central Site
Central Site – Concept Overview
• Incoming interfaces (as per May 2018)
– 4 x 100G from Site 1 (vEPC 1)
– 4 x 100G from Site 2 (vEPC 2)
– 8 x 100G from Central Site (vEPC C)
• Total incoming traffic is approx. 400Gbps.
– Signalling (S11, GN-c, …) and User (GN-u and S1-U).
• Requirements
– Aggregate, Filter (Forward & Drop) and Load-balance
• Forward all signalling traffic to more than one output port for different
analysing systems including Cubro IMSI Filtering system.
– Total signalling is about 50Mbit/s
• Drop non-required user traffic (e.g. drop all traffic with DSCP=0)
– After drop filtering approx. 180Gbps remains (400Gbps incoming in total)
» All DSCP=0 packets are dropped
• Load-balance remaining user traffic to Cubro IMSI Filtering system
– Each IMSI Filter unit gets approx. 45Gbps user traffic
[Diagram: processing stages at the Central Site]
• Drop (DSCP=0)
• Signalling plane filters (VLAN IDs, IP addresses, UDP port 2123)
• User plane filters (VLAN IDs, IP addresses, UDP port 2152)
• Load-balancing by means of inner (user IP)
• Cubro IMSI Filtering System; Cubro Mobile Probe; Multiplication and Distribution; other probes; Wireshark server
Central Site – Concept Overview
[Diagram labels: EXA24160, EXA32100, EX20400, EX20400; Signalling, User]
Central Site – Connection Diagram
[Diagram: 16 x 100G inputs (4 x 100G from Site 1, 4 x 100G from Site 2, 8 x 100G local traffic), 400Gbps in total]
• Filtering = separation of
signalling and user plane
• Drop non-required traffic
(DSCP=0)
• Load-balance user traffic
by means of GTP inner IP
[Diagram labels: 4 x 40G user plane, load-balanced (twice); 1 x 40G signalling plane; IMSI Filtering (Signalling & User); Distribution; break-out box converts MTP to LC; 10G LC outputs to Monitoring Tools]
Central Site – Filtering & load-balancing
• Core element is the Cubro EXA32100
– 32 x 40G/100G ports (can also be used as 128 x 10G solution)
– Filtering including GTP Layer; separates signalling
and user traffic.
– GTP load-balancing based on inner (user) IP
address; distributes user traffic evenly to the
IMSI filtering solution.
• Load-balancing S1-U traffic by means of GTP
inner IP is the only feasible way to share user
traffic between the different IMSI Filter boxes!
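Why the inner address is the useful hash key, as an added example (not part of the original slides and not Cubro's implementation): the sketch strips the GTP-U header, including optional fields and extension headers, and hashes the subscriber's inner IPv4 address so that uplink and downlink of one user reach the same filter unit. The UE pool 10.64.0.0/10, the CRC32 hash, the four units and all sample addresses are assumptions; inner IPv6 is not handled.

```python
import ipaddress
import struct
import zlib

UE_POOL = ipaddress.ip_network("10.64.0.0/10")  # assumption: subscriber address pool
GTPU_GPDU = 255                                 # GTP-U message type carrying user data


def gtpu_inner(payload):
    """Return the tunnelled packet from a GTP-U UDP payload (port 2152), or None."""
    if len(payload) < 8 or payload[0] >> 5 != 1 or payload[1] != GTPU_GPDU:
        return None
    off = 8
    if payload[0] & 0x07:                 # E, S or PN flag adds 4 optional octets
        if len(payload) < 12:
            return None
        next_ext = payload[11] if payload[0] & 0x04 else 0
        off = 12
        while next_ext:                   # walk the extension header chain
            if off >= len(payload) or payload[off] == 0:
                return None
            ext_len = payload[off] * 4    # length is counted in 4-octet units
            if off + ext_len > len(payload):
                return None
            next_ext = payload[off + ext_len - 1]
            off += ext_len
    return payload[off:]


def select_unit(payload, units=4):
    """Pick a filter unit from the inner (user) IPv4 address; None if not parsable."""
    inner = gtpu_inner(payload)
    if inner is None or len(inner) < 20 or inner[0] >> 4 != 4:
        return None
    src, dst = inner[12:16], inner[16:20]
    if ipaddress.ip_address(src) in UE_POOL:      # uplink: subscriber is the source
        key = src
    elif ipaddress.ip_address(dst) in UE_POOL:    # downlink: subscriber is the destination
        key = dst
    else:                                         # unknown pool: direction-independent key
        key = min(src, dst) + max(src, dst)
    return zlib.crc32(key) % units


def outer_unit(src_ip, dst_ip, sport, dport, units=4):
    """Five-tuple hash over the outer (tunnel endpoint) header, for comparison."""
    return zlib.crc32(src_ip + dst_ip + struct.pack("!HHB", sport, dport, 17)) % units


# --- constructed sample traffic below (not from any real network) ---
def build_ipv4(src, dst):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0, src, dst)


def build_gtpu(teid, inner, seq=None):
    opt = b"" if seq is None else struct.pack("!HBB", seq, 0, 0)
    flags = 0x30 | (0x02 if seq is not None else 0)
    return struct.pack("!BBHI", flags, GTPU_GPDU, len(opt) + len(inner), teid) + opt + inner


def demo():
    enb, sgw = bytes([172, 16, 0, 10]), bytes([172, 16, 1, 1])
    server = bytes([198, 51, 100, 7])
    ues = [bytes([10, 64, 0, n]) for n in range(64)]
    up = [select_unit(build_gtpu(0x1000 + n, build_ipv4(ue, server)))
          for n, ue in enumerate(ues)]
    down = [select_unit(build_gtpu(0x2000 + n, build_ipv4(server, ue), seq=n))
            for n, ue in enumerate(ues)]
    # Every tunnel runs between the same two endpoints, so the outer hash never varies.
    outer = {outer_unit(enb, sgw, 2152, 2152) for _ in ues}
    return {"same_unit_both_directions": up == down,
            "inner_units_used": sorted(set(up)),
            "outer_units_used": len(outer)}


if __name__ == "__main__":
    print(demo())
```

In the constructed sample, 64 subscribers behind one eNodeB/SGW pair spread over all four units when hashed on the inner address, while the outer five-tuple maps every packet to a single unit.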
Sessionmaster EXA32100
• Filtering including GTP layer –
e.g. filter a full range of user IPs
• Up to 8000 parallel filter rules
• Aggregation
• GTP load-balancing by inner
(user IP)
• All ports activated
• All software activated
• Low power design
• Jumbo frames 16000 bytes
• 24MB buffer for overload
protection
Packet load: 6,4 Tbps
Ports 40 Gbit: 32 QSFP
Ports 100 Gbit: 32 QSFP28
GUI: WEB/CLI/GUI
Packet buffer: YES, 24 MB
Delay: < 700 ns
Dual power: YES
128 x 10 Gbit (with breakout)
All ports activated, no extra charge
IMSI Filtering Overview
• IMSI Filtering = ALL signalling and user packets of a
call.
• Requires finding the signalling message that contains
the IMSI.
– Only certain messages include the IMSI information
• PDP Context Request (3G)
• Session Create Request (4G)
• After finding these messages a correlation
mechanism is required.
– Find ALL signalling and ALL user traffic data that
belong to this call
• Send all correlated packets to an external
analyser/probe.
Example - Session Create Message
• Cubro EXA24160 Sessionmaster finds the message and
ALL other packets that belong to this call
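The correlation step described above, as an added example (not part of the original slides and not Cubro's implementation): it reads the IMSI from a GTPv2-C Create Session Request, pairs the request with its response by sequence number, records the S1-U SGW F-TEID from the bearer context, and then matches uplink GTP-U packets on (tunnel endpoint IP, TEID). Only sessions of IMSIs on an explicit watch list are tracked. Assumptions: 4G only, IPv4 F-TEIDs, one peer pair (a production table would also key on peer addresses and handle Modify/Delete messages), and all sample values are constructed.

```python
import struct

CREATE_SESSION_REQ, CREATE_SESSION_RSP = 32, 33   # GTPv2-C message types
IE_IMSI, IE_EBI, IE_FTEID, IE_BEARER_CTX = 1, 73, 87, 93
IFACE_S1U_SGW = 1                                 # F-TEID interface type: S1-U SGW GTP-U
GTPU_GPDU = 255                                   # GTP-U message type carrying user data


def decode_tbcd(raw):
    """IMSI digits are TBCD coded: low nibble first, 0xF pads an odd digit count."""
    digits = []
    for octet in raw:
        for nibble in (octet & 0x0F, octet >> 4):
            if nibble <= 9:
                digits.append(str(nibble))
    return "".join(digits)


def iter_ies(buf):
    """Yield (type, value) for each GTPv2 IE; stop quietly on truncation."""
    off = 0
    while off + 4 <= len(buf):
        ie_type, length = struct.unpack_from("!BH", buf, off)
        if off + 4 + length > len(buf):
            return
        yield ie_type, buf[off + 4:off + 4 + length]
        off += 4 + length


def parse_gtpv2(msg):
    """Return (message type, sequence number, IE bytes) or None if malformed."""
    if len(msg) < 8 or msg[0] >> 5 != 2:
        return None
    flags, mtype, length = struct.unpack_from("!BBH", msg)
    hdr = 12 if flags & 0x08 else 8               # T flag: TEID field present
    if len(msg) < max(hdr, 4 + length):
        return None
    seq = int.from_bytes(msg[hdr - 4:hdr - 1], "big")
    return mtype, seq, msg[hdr:4 + length]


class ImsiCorrelator:
    def __init__(self, watched_imsis):
        self.watched = set(watched_imsis)
        self.pending = {}      # sequence number -> IMSI awaiting the response
        self.tunnels = {}      # (SGW IPv4, TEID) -> IMSI

    def on_signalling(self, msg):
        parsed = parse_gtpv2(msg)
        if parsed is None:
            return
        mtype, seq, body = parsed
        if mtype == CREATE_SESSION_REQ:
            for ie_type, value in iter_ies(body):
                if ie_type == IE_IMSI and decode_tbcd(value) in self.watched:
                    self.pending[seq] = decode_tbcd(value)
        elif mtype == CREATE_SESSION_RSP and seq in self.pending:
            imsi = self.pending.pop(seq)
            for ie_type, value in iter_ies(body):
                if ie_type != IE_BEARER_CTX:
                    continue
                for sub_type, fteid in iter_ies(value):        # grouped IE
                    if (sub_type == IE_FTEID and len(fteid) >= 9
                            and (fteid[0] & 0x80)               # V4 flag set
                            and (fteid[0] & 0x3F) == IFACE_S1U_SGW):
                        teid = struct.unpack_from("!I", fteid, 1)[0]
                        self.tunnels[(fteid[5:9], teid)] = imsi

    def on_user_plane(self, outer_dst_ip, udp_payload):
        """Return the IMSI if this GTP-U packet belongs to a watched session."""
        if len(udp_payload) < 8 or udp_payload[0] >> 5 != 1:
            return None
        if udp_payload[1] != GTPU_GPDU:
            return None
        teid = struct.unpack_from("!I", udp_payload, 4)[0]
        return self.tunnels.get((outer_dst_ip, teid))


# --- constructed sample messages below (not captured from any network) ---
def tbcd(digits):
    d = digits + "F" * (len(digits) % 2)
    return bytes(int(d[i + 1] + d[i], 16) for i in range(0, len(d), 2))


def ie(ie_type, value):
    return struct.pack("!BHB", ie_type, len(value), 0) + value


def gtpv2(mtype, seq, body):
    rest = struct.pack("!I", 0) + seq.to_bytes(3, "big") + b"\x00"
    return struct.pack("!BBH", 0x48, mtype, len(rest) + len(body)) + rest + body


def gtpu(teid, inner):
    return struct.pack("!BBHI", 0x30, GTPU_GPDU, len(inner), teid) + inner


def demo():
    sgw, other = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    c = ImsiCorrelator({"001010123456789"})       # test PLMN 001/01
    for seq, imsi, teid in ((0x101, "001010123456789", 0xA1),
                            (0x102, "001010999999999", 0xB2)):
        c.on_signalling(gtpv2(CREATE_SESSION_REQ, seq, ie(IE_IMSI, tbcd(imsi))))
        fteid = ie(IE_FTEID, bytes([0x80 | IFACE_S1U_SGW]) + struct.pack("!I", teid) + sgw)
        bearer = ie(IE_BEARER_CTX, ie(IE_EBI, b"\x05") + fteid)
        c.on_signalling(gtpv2(CREATE_SESSION_RSP, seq, bearer))
    return (c.on_user_plane(sgw, gtpu(0xA1, b"user data")),    # watched subscriber
            c.on_user_plane(sgw, gtpu(0xB2, b"user data")),    # not on the watch list
            c.on_user_plane(other, gtpu(0xA1, b"user data")))  # same TEID, other endpoint
```

The second subscriber's tunnel is never recorded, so its user plane is not forwarded. The TEID is only meaningful together with the receiving endpoint's address, which is why the last lookup misses.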
IMSI Filtering Concept
• Every EXA24160 gets full signalling.
– Reason: It is unknown which EXA24160 will receive the user traffic
of a specific call
• User data packets are distributed (load-balanced) among the
EXA24160s → by adding EXA24160s the solution is extremely
flexible in terms of traffic growth!!! Scalability.
[Diagram: signalling is broadcast to every EXA24160; user traffic is load-balanced (GTP inner IP)]
Sessionmaster EXA24160
• 2 x Octeon III CN7890 CPU (48 cores each) → consider as
two independent units
• 4 x 40G ports and 24 x 10G ports per EXA24160
• 1U 19” dual power supply
• Up to 120Gbps L4 filtering performance
• Up to 120Gbps GTP inner IP filtering performance
• Up to 120Gbps GTP inner IP Load-balancing
• Up to 100G mobile data correlation (=IMSI Filtering)
• Up to 100000 IMSIs in parallel
• Up to 80Gbps keyword search performance
• Up to 30 Gbps flow-aware REGEX performance
GTP, Correlation and REGEX in one unit
Current traffic volume
• Every EXA24160 needs to run the same configuration.
– Unknown which EXA24160 gets the traffic. Thus it is also
unknown where the traffic is sent out.
• Keep the EXA24160 synchronized!
User-plane: approx. 23Gbps per port (about 180Gbps in total)
Signalling-plane: approx. 50Mbps per port
Filtered outputs - connected to distribution layer (Cubro EX20400)
to multiply traffic when needed and to connect
parallel monitoring systems. Output bandwidth
depends on the number of IMSIs filtered (up to 100000)
Why traffic distribution layer?
• Full flexibility – just add new probes/analyzers
– Straightforward way to multiply traffic.
• Scalable – Cubro solution can easily grow when
traffic increases; just add new EXA24160 when
traffic goes beyond 200Gbps.
System Management
• Central software that controls all units.
– Keep configurations consistent.
– Management of filter rules
– Highly protected to avoid misuse
– Security logs
[Screenshots: output bandwidth monitoring; IMSI filter setup]
Summary
• Future-proof (investment protected).
– Just add EXA24160s when traffic grows.
• Easy to use and straightforward to
implement.
• Flexible – add/remove probes/analyzers
without affecting others.
• Full solution from Layer 1 tapping to traffic
correlation from a single vendor.
Thank you
EMEA
Cubro Network Visibility
Ghegastraße 1030 Vienna,
Austria
Tel.: +43 1 29826660
Fax: +43 1 2982666399
Email: support@cubro.com
North America
Cubro US
337 West Chocolate Ave
Hershey, PA 17033
Tel.: 717-576-9050
Fax: 866-735-9232
Email: support@cubro.com
APAC
Cubro Asia Pacific
8, Ubi Road 2 #04-12 Zervex
Singapore 408538
Tel.: +65-97255386
Email: jl@cubro.com
Japan
Cubro Japan
8-11-10-3F, Nishi-Shinjuku,
Shinjuku,
Tokyo, 160-0023 Japan
Email: japan@cubro.com

More Related Content

What's hot

LTE Interference troubleshooting guide
LTE Interference troubleshooting guideLTE Interference troubleshooting guide
LTE Interference troubleshooting guide
Klajdi Husi
 
Lte outbound roaming_session
Lte outbound roaming_sessionLte outbound roaming_session
Lte outbound roaming_session
Samir Mohanty
 
Lte initial access
Lte initial accessLte initial access
Lte initial access
Poorna Chandra Obineni
 
Lte epc kp is and signalling (sf)
Lte epc kp is and signalling (sf)Lte epc kp is and signalling (sf)
Lte epc kp is and signalling (sf)
Cesar Cardozo Barrios
 
Complete umts call flow
Complete umts call flowComplete umts call flow
Complete umts call flow
sivakumar D
 
5g introduction_NR
5g introduction_NR5g introduction_NR
5g introduction_NR
Nitin George Thomas
 
LTE Location Management and Mobility Management
LTE Location Management and Mobility ManagementLTE Location Management and Mobility Management
LTE Location Management and Mobility Management
aliirfan04
 
Lte kpis, counters & amp; timers
Lte kpis, counters & amp; timers Lte kpis, counters & amp; timers
Lte kpis, counters & amp; timers
Abhishek Jena
 
IP Concept in LTE
IP Concept in LTEIP Concept in LTE
IP Concept in LTESofian .
 
4G Handovers || LTE Handovers ||
4G Handovers || LTE Handovers || 4G Handovers || LTE Handovers ||
4G Handovers || LTE Handovers ||
ankur tomar
 
Lte protocols
Lte protocolsLte protocols
Lte protocols
ece_narender
 
Huawei wcdma traffic counter
Huawei wcdma traffic counterHuawei wcdma traffic counter
Huawei wcdma traffic counterSARKHEEL
 
NSA Mobility Managment.pptx
NSA Mobility Managment.pptxNSA Mobility Managment.pptx
NSA Mobility Managment.pptx
ErayUyanik
 
3G basic good
3G basic good3G basic good
3G basic good
Jit Pal Dhanjal
 
UMTS/WCDMA Call Flows for Handovers
UMTS/WCDMA Call Flows for HandoversUMTS/WCDMA Call Flows for Handovers
UMTS/WCDMA Call Flows for Handovers
Justin MA (馬嘉昌)
 
LTE and EPC Specifications
LTE and EPC SpecificationsLTE and EPC Specifications
LTE and EPC Specifications
aliirfan04
 
3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)
Dattaraj Pangam
 
4 lte access transport network dimensioning issue 1.02
4 lte access transport network dimensioning issue 1.024 lte access transport network dimensioning issue 1.02
4 lte access transport network dimensioning issue 1.02
saeed_sh65
 
Lte resource grid
Lte resource gridLte resource grid
Lte resource grid
Achmad Salsabil
 
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
Vikas Shokeen
 

What's hot (20)

LTE Interference troubleshooting guide
LTE Interference troubleshooting guideLTE Interference troubleshooting guide
LTE Interference troubleshooting guide
 
Lte outbound roaming_session
Lte outbound roaming_sessionLte outbound roaming_session
Lte outbound roaming_session
 
Lte initial access
Lte initial accessLte initial access
Lte initial access
 
Lte epc kp is and signalling (sf)
Lte epc kp is and signalling (sf)Lte epc kp is and signalling (sf)
Lte epc kp is and signalling (sf)
 
Complete umts call flow
Complete umts call flowComplete umts call flow
Complete umts call flow
 
5g introduction_NR
5g introduction_NR5g introduction_NR
5g introduction_NR
 
LTE Location Management and Mobility Management
LTE Location Management and Mobility ManagementLTE Location Management and Mobility Management
LTE Location Management and Mobility Management
 
Lte kpis, counters & amp; timers
Lte kpis, counters & amp; timers Lte kpis, counters & amp; timers
Lte kpis, counters & amp; timers
 
IP Concept in LTE
IP Concept in LTEIP Concept in LTE
IP Concept in LTE
 
4G Handovers || LTE Handovers ||
4G Handovers || LTE Handovers || 4G Handovers || LTE Handovers ||
4G Handovers || LTE Handovers ||
 
Lte protocols
Lte protocolsLte protocols
Lte protocols
 
Huawei wcdma traffic counter
Huawei wcdma traffic counterHuawei wcdma traffic counter
Huawei wcdma traffic counter
 
NSA Mobility Managment.pptx
NSA Mobility Managment.pptxNSA Mobility Managment.pptx
NSA Mobility Managment.pptx
 
3G basic good
3G basic good3G basic good
3G basic good
 
UMTS/WCDMA Call Flows for Handovers
UMTS/WCDMA Call Flows for HandoversUMTS/WCDMA Call Flows for Handovers
UMTS/WCDMA Call Flows for Handovers
 
LTE and EPC Specifications
LTE and EPC SpecificationsLTE and EPC Specifications
LTE and EPC Specifications
 
3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)
 
4 lte access transport network dimensioning issue 1.02
4 lte access transport network dimensioning issue 1.024 lte access transport network dimensioning issue 1.02
4 lte access transport network dimensioning issue 1.02
 
Lte resource grid
Lte resource gridLte resource grid
Lte resource grid
 
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
 

Similar to Imsi filtering exa24160

Understand LPWA tetchnologies (Sigfox and LoRa)
Understand LPWA tetchnologies (Sigfox and LoRa)Understand LPWA tetchnologies (Sigfox and LoRa)
Understand LPWA tetchnologies (Sigfox and LoRa)
Robert Vivanco Salcedo
 
Vision one-customer
Vision one-customerVision one-customer
Vision one-customer
Marie-Agnès PONS
 
Gtp load balancing 27.9.17
Gtp load balancing   27.9.17Gtp load balancing   27.9.17
Gtp load balancing 27.9.17
Tamanna Bhatia
 
Squire Technologies: Signal Transfer Point
Squire Technologies: Signal Transfer PointSquire Technologies: Signal Transfer Point
Squire Technologies: Signal Transfer Point
Squire Technologies
 
NFA - Middle East Workshop
NFA - Middle East WorkshopNFA - Middle East Workshop
NFA - Middle East Workshop
ManageEngine, Zoho Corporation
 
Vsat day-2008-idirect
Vsat day-2008-idirectVsat day-2008-idirect
Vsat day-2008-idirect
SSPI Brasil
 
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet ResearchTADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
Alan Quayle
 
Intelligent Network Services through Active Flow Manipulation
Intelligent Network Services through Active Flow ManipulationIntelligent Network Services through Active Flow Manipulation
Intelligent Network Services through Active Flow Manipulation
Tal Lavian Ph.D.
 
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spotsIXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
Cisco Russia
 
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
Internetwork Engineering (IE)
 
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
Katherine Wang
 
2020 Smart Transportation Solution
2020 Smart Transportation  Solution2020 Smart Transportation  Solution
2020 Smart Transportation Solution
IEI Integration Corp.
 
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PROIDEA
 
Lipa sipto overview
Lipa sipto overviewLipa sipto overview
Lipa sipto overview
AmareshPrasadGrahach
 
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aqPLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
PROIDEA
 
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
AliAlwesabi
 
Monitor and manage everything Cisco using OpManager
Monitor and manage everything Cisco using OpManagerMonitor and manage everything Cisco using OpManager
Monitor and manage everything Cisco using OpManager
ManageEngine
 
Basic 5G.pdf
Basic 5G.pdfBasic 5G.pdf
Basic 5G.pdf
AnkushJuneja7
 
6Tisch telecom_bretagne_2016
6Tisch telecom_bretagne_20166Tisch telecom_bretagne_2016
6Tisch telecom_bretagne_2016
Pascal Thubert
 

Similar to Imsi filtering exa24160 (20)

Understand LPWA tetchnologies (Sigfox and LoRa)
Understand LPWA tetchnologies (Sigfox and LoRa)Understand LPWA tetchnologies (Sigfox and LoRa)
Understand LPWA tetchnologies (Sigfox and LoRa)
 
Vision one-customer
Vision one-customerVision one-customer
Vision one-customer
 
Gtp load balancing 27.9.17
Gtp load balancing   27.9.17Gtp load balancing   27.9.17
Gtp load balancing 27.9.17
 
Squire Technologies: Signal Transfer Point
Squire Technologies: Signal Transfer PointSquire Technologies: Signal Transfer Point
Squire Technologies: Signal Transfer Point
 
NFA - Middle East Workshop
NFA - Middle East WorkshopNFA - Middle East Workshop
NFA - Middle East Workshop
 
VNM2
VNM2VNM2
VNM2
 
Vsat day-2008-idirect
Vsat day-2008-idirectVsat day-2008-idirect
Vsat day-2008-idirect
 
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet ResearchTADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
TADSummit, The MONEH Innovation Showcase chaired by James Body, Telet Research
 
Intelligent Network Services through Active Flow Manipulation
Intelligent Network Services through Active Flow ManipulationIntelligent Network Services through Active Flow Manipulation
Intelligent Network Services through Active Flow Manipulation
 
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spotsIXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
 
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
Re-inventing the Wireless Network | 2019 Tri-State Technology Conference Pres...
 
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
FS S5800 Series 48xGigabit SFP with 4x10GbE SFP+ Switch
 
2020 Smart Transportation Solution
2020 Smart Transportation  Solution2020 Smart Transportation  Solution
2020 Smart Transportation Solution
 
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
 
Lipa sipto overview
Lipa sipto overviewLipa sipto overview
Lipa sipto overview
 
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aqPLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
PLNOG 8: Peter Ashwood-Smith - Shortest Path Bridging IEEE 802.1aq
 
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
pdfslide.net_ims-basics-standardization-ims-components-and-ip-multimedia-subs...
 
Monitor and manage everything Cisco using OpManager
Monitor and manage everything Cisco using OpManagerMonitor and manage everything Cisco using OpManager
Monitor and manage everything Cisco using OpManager
 
Basic 5G.pdf
Basic 5G.pdfBasic 5G.pdf
Basic 5G.pdf
 
6Tisch telecom_bretagne_2016
6Tisch telecom_bretagne_20166Tisch telecom_bretagne_2016
6Tisch telecom_bretagne_2016
 

Recently uploaded

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 

Imsi filtering exa24160

  • 1. IMSI, MS-ISDN & IMEI Filtering with Cubro EXA24160 Sessionmaster
      EXA24160 Deployment example at a European Mobile Operator
      May 2018
      www.cubro.com
  • 2. Purpose of this presentation
      This presentation explains the concept of IMSI Filtering using Cubro products. It describes the entire Cubro solution from layer 1 tapping, aggregation, load-balancing to traffic correlation as implemented by a European mobile operator.
  • 3. Project Goals
      • Due to high traffic volume the monitoring of all user plane traffic does not make sense.
          – And by law it is not allowed without specific order from authority or agreement of the user.
      • However, for trouble-shooting a full call monitoring/tracing is vital. Requires both, signalling and user data of a specific customer.
      • Therefore, the customer requires an on-demand IMSI filtering solution that correlates signalling and user plane.
  • 4. Challenges
      • Find all signalling and user-plane traffic of a specific IMSI, MSISDN or IMEI.
          – Total traffic volume several hundred Gbps
          – Mixed technology (3G & 4G)
      • Security
          – Highly sensitive information – strict rules to access data
          – User agreement to activate monitoring (user support portal)
      • Scalability
          – Due to massive traffic growth scalability is a must
  • 5. Terms
      • IMSI … International Mobile Subscriber Identity
          – The IMSI is used to identify the user of a cellular network and is a unique identification associated with all cellular networks. The IMSI is usually provisioned in the SIM card.
      • MSISDN … Mobile Station International Subscriber Directory Number (=Telephone Number)
          – MSISDN is a unique number identifying a subscriber in a mobile network. Simply put, it is the mapping of the telephone number to the SIM card in a mobile/cellular phone. The MSISDN together with IMSI are two important numbers used for identifying a mobile subscriber. A SIM has a unique IMSI that does not change, while the MSISDN can change in time, i.e. different MSISDNs can be associated with the SIM.
      • IMEI … International Mobile Equipment Identity
          – The IMEI is a unique number that identifies mobile devices (=hardware identification). The IMEI number is used by a mobile network to identify valid devices and therefore can be used for stopping a stolen phone from accessing that network.
  • 6. IMSI Filtering
      • Throughout this presentation the term IMSI Filtering means filtering out signalling plane and user plane traffic of a specific user/call.
      • This specific user can be identified by:
          – IMSI
          – MSISDN
          – IMEI
  • 7. Deployment Overview
      [Diagram labels: vEPC Site 1, vEPC Site 2, vEPC Central Site (each with Tapping and Aggregation); Filtering, Load-Balancing; IMSI Filtering; Traffic Distribution; Monitoring Tools]
  • 8. Layer 1 Tapping at Site 1 and 2
      • Cubro MTP TAP
          – 4 MTP Links in 1/3 U 19”
          – supports 40G and 100G
          – totally passive and secure
      [Diagram labels: Monitoring outputs 8 x 40G; 4 x 40G live traffic; to Packetmaster EX20400 for Aggregation]
  • 9. Aggregation at Site 1 and 2
      • Cubro Packetmaster EX20400
          – 20 x 40G plus 4 x 40G/100G ports via QSFP/QSFP28
          – 2,4Tbps throughput!
          – Aggregation, Filtering, Load-balancing
          – Managed via WebGUI and Cubro Vitrum
      • EX20400 aggregates all incoming vEPC traffic of site 1 and 2 (user and signaling) and load-balances it by means of five tuple hashing.
          – Filtering is not used → have all traffic available at Central Site.
      [Diagram labels: 8 x 40G inputs from MTP TAPs; 4 x 100G Load-balanced outputs; total traffic load about 240Gbps; Transport Network to Central Site]
  • 10. Central Site – Concept Overview
      • Incoming interfaces (as per May 2018)
          – 4 x 100G from Site 1 (vEPC 1)
          – 4 x 100G from Site 2 (vEPC 2)
          – 8 x 100G from Central Site (vEPC C)
      • Total incoming traffic is approx. 400Gbps.
          – Signalling (S11, GN-c, …) and User (GN-u and S1-U).
      • Requirements
          – Aggregate, Filter (Forward & Drop) and Load-balance
              • Forward all signalling traffic to more than one output port for different analysing systems including Cubro IMSI Filtering system.
                  – Total signalling is about 50Mbit/s
              • Drop non-required user traffic (e.g. drop all traffic with DSCP=0)
                  – After drop filtering approx. 180Gbps remains (400Gbps incoming in total)
                      » All DSCP=0 packets are dropped
              • Load-balance remaining user traffic to Cubro IMSI Filtering system
                  – Each IMSI Filter unit gets approx. 45Gbps user traffic
  • 11. Central Site – Concept Overview
      [Diagram labels: Drop (DSCP=0); Signalling plane filters (VLAN IDs, IP Addresses, UDP Port 2123); User plane filters (VLAN IDs, IP Addresses, UDP Port 2152); Load-balancing by means of inner (user IP); Cubro IMSI Filtering System; Cubro Mobile Probe; Multiplication and Distribution; Other Probes; Other Probe; Wireshark Server; Multiplication and Distribution; EXA24160; EXA32100; EX20400; EX20400; Signalling; User]
  • 12. Central Site – Connection Diagram
      • Filtering = Separation signalling and user plane
      • Drop non-required traffic (DSCP=0)
      • Load-balance user traffic by means of GTP inner IP
      [Diagram labels: 16 x 100G (4 x 100G from Site 1, 4 x 100G from Site 2, 8 x 100G local traffic), 400Gbps in total; 4 x 40G user plane load-balanced; 4 x 40G user plane load-balanced; Distribution; 1 x 40G signalling plane; Break-out Box converts MTP to LC; 10G LC outputs to Monitoring Tools; IMSI Filtering (Signalling & User)]
  • 13. Central Site – Filtering & load-balancing
      • Core element is the Cubro EXA32100
          – 32 x 40G/100G ports (can also be used as 128 x 10G solution)
          – Filtering including GTP Layer; separates signalling and user traffic.
          – GTP Load-balancing based on inner (user) IP address; distribute user traffic evenly to the IMSI filtering solution.
      • Load-balancing S1-U traffic by means of GTP inner IP is the only feasible way to share user traffic between the different IMSI Filter boxes!
  • 14. Sessionmaster EXA32100
      • Filtering including GTP layer – e.g. filter a full range of user IPs
      • Up to 8000 parallel filter rules
      • Aggregation
      • GTP Load-balancing by inner (user IP)
      • All ports activated
      • All software activated
      • Low power design
      • Jumbo Frames 16000 Bytes
      • 24MB Buffer for overload protection
      Specifications:
          – Packet load: 6,4 Tbps
          – Ports 40 Gbit: 32 QSFP
          – Ports 100 Gbit: 32 QSFP28
          – GUI: WEB/CLI/GUI
          – Packet buffer: YES, 24 MB
          – Delay: < 700 ns
          – Dual Power: YES
          – 128 x 10 Gbit (with breakout)
          – All ports activated, no extra charge
  • 15. IMSI Filtering Overview
      • IMSI Filtering = ALL signalling and user packets of a call.
      • Requires to find signalling message that contains the IMSI.
          – Certain messages only include the IMSI information
              • PDP Context Request (3G)
              • Session Create Request (4G)
      • After finding these messages a correlation mechanism is required.
          – Find ALL signalling and ALL user traffic data that belong to this call
      • Send all correlated packets to an external analyser/probe.
  • 16. Example - Session Create Message
      • Cubro EXA24160 Sessionmaster finds the message and ALL other packets that belong to this call
  • 17. IMSI Filtering Concept
      • Every EXA24160 gets full signalling.
          – Reason: It is unknown which EXA24160 will receive the user traffic of a specific call
      • User data packets are distributed (load-balanced) among the EXA24160s → by adding EXA24160s the solution is extremely flexible in terms of traffic growth!!! Scalability.
      [Diagram labels: Signalling broadcast; User Load-balanced (GTP inner IP); Signalling; User]
  • 18. Sessionmaster EXA24160
      • 2 x Octeon III CN7890 CPU (48 cores each) → consider as two independent units
      • 4 x 40G ports and 24 x 10G ports per EXA24160
      • 1U 19” dual power supply
      • Up to 120Gbps L4 filtering performance
      • Up to 120Gbps GTP inner IP filtering performance
      • Up to 120Gbps GTP inner IP Load-balancing
      • Up to 100G mobile data correlation (=IMSI Filtering)
      • Up to 100000 IMSIs in parallel
      • Up to 80Gbps keyword search performance
      • Up to 30 Gbps flow-aware REGEX performance
      GTP, Correlation and REGEX in one unit
  • 19. Current traffic volume
      • Every EXA24160 needs to run the same configuration.
          – Unknown which EXA24160 gets the traffic. Thus it is also unknown where the traffic is sent out.
      • Keep the EXA24160 synchronized!
      [Diagram labels: User-plane: approx. 23Gbps per port (about 180Gbps in total); Signalling-plane: approx. 50Mbps per port; Filtered outputs - connected to distribution layer (Cubro EX20400) to multiply traffic when needed and to connect parallel monitoring systems. Output bandwidth depends on the number of IMSIs filtered (up to 100000)]
  • 20. Why traffic distribution layer?
      • Full flexibility – just add new probes/analyzers
          – Straight forward way to multiply traffic.
      • Scalable
          – Cubro solution can easily grow when traffic increases; just add new EXA24160 when traffic goes beyond 200Gbps.
  • 21. System Management
      • Central software that controls all units.
          – Keep configurations consistent.
          – Management of filter rules
          – Highly protected to avoid misuse
          – Security logs
      [Screenshot labels: Output bandwidth monitoring; IMSI filter setup]
  • 22. Summary
      • Future-proof (investment protected).
          – Just add EXA24160s when traffic grows.
      • Easy to use and straight forward to implement.
      • Flexible – add/remove probes/analyzers without affecting others.
      • Full solution from Layer 1 tapping to traffic correlation from a single vendor.
  • 23. Thank you
      • EMEA: Cubro Network Visibility, Ghegastraße 1030 Vienna, Austria. Tel.: +43 1 29826660, Fax: +43 1 2982666399, Email: support@cubro.com
      • North America: Cubro US, 337 West Chocolate Ave, Hershey, PA 17033. Tel.: 717-576-9050, Fax.: 866-735-9232, Email: support@cubro.com
      • APAC: Cubro Asia Pacific, 8, Ubi Road 2 #04-12 Zervex, Singapore 408538. Tel.: +65-97255386, Email: jl@cubro.com
      • Japan: Cubro Japan, 8-11-10-3F, Nishi-Shinjuku, Shinjuku, Tokyo, 160-0023 Japan. Email: japan@cubro.com
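
The correlation step described in slides 15 to 17, as an added Python example that is not part of the original presentation and not Cubro's implementation: it learns the IMSI from a Create Session Request, follows the sender's control-plane TEID to the matching Create Session Response, and then tags GTP-U packets by the S1-U TEID found there. The `Correlator` class, its method names and the sample packets are assumptions made for this example; message and IE type numbers follow 3GPP TS 29.274, and only IMSIs in the approved `watched` set are ever tracked.

```python
import struct
IE_IMSI, IE_FTEID, IE_BEARER_CTX = 1, 87, 93   # GTPv2-C IE types (TS 29.274)

def ies(buf):
    """Yield (type, instance, value) for each IE in a GTPv2-C IE list."""
    off = 0
    while off + 4 <= len(buf):
        ie_type, length, inst = struct.unpack_from("!BHB", buf, off)
        yield ie_type, inst & 0x0F, buf[off + 4:off + 4 + length]
        off += 4 + length

def tbcd(value):
    """Decode TBCD digits: low nibble first, 0xF is filler."""
    return "".join(f"{b & 15:x}{b >> 4:x}" for b in value).rstrip("f")

def fteid(value):
    """Return (interface type, TEID) from an F-TEID IE value."""
    return value[0] & 0x3F, struct.unpack_from("!I", value, 1)[0]

class Correlator:
    def __init__(self, watched):   # watched: IMSIs approved for tracing
        self.watched, self.ctrl, self.user = set(watched), {}, {}

    def signalling(self, pkt):
        flags, mtype, _, teid = struct.unpack_from("!BBHI", pkt)
        if flags >> 5 != 2 or not flags & 0x08:    # need GTPv2 with TEID field
            return
        body = list(ies(pkt[12:]))
        if mtype == 32:                            # Create Session Request
            imsi = next((tbcd(v) for t, _, v in body if t == IE_IMSI), None)
            for t, inst, v in body:
                if imsi in self.watched and t == IE_FTEID and inst == 0:
                    self.ctrl[fteid(v)[1]] = imsi  # sender's control-plane TEID
        elif mtype == 33 and teid in self.ctrl:    # Create Session Response
            for t, _, v in body:
                for t2, _, v2 in (ies(v) if t == IE_BEARER_CTX else ()):
                    if t2 == IE_FTEID and fteid(v2)[0] == 1:   # S1-U SGW GTP-U
                        self.user[fteid(v2)[1]] = self.ctrl[teid]

    def user_plane(self, pkt):
        """Return the traced IMSI for a GTP-U G-PDU, else None."""
        flags, mtype, _, teid = struct.unpack_from("!BBHI", pkt)
        return self.user.get(teid) if flags >> 5 == 1 and mtype == 255 else None
# Constructed sample packets (not captured traffic), IMSI 001010123456789
REQ = bytes.fromhex("482000210000000000000100" "0100080000010121436587f9"
                    "570009008a0000a0010a000001")
RSP = bytes.fromhex("482100240000a00100000100" "020002001000" "5d001200"
                    "4900010005" "57000900810000b0020a000002")
GPDU = bytes.fromhex("30ff00040000b00245000000")
```

Downlink S1-U TEIDs are signalled later in Modify Bearer Request, and table entries should be removed on Delete Session; both are outside this example.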