|
Design and consultancy for securing networks and IT systems to UK government standards.
We help our customers secure their networks from the ever growing threat of network attacks. Pervasive Internet access and dependency on high-speed data exchange make network systems not only the most valuable asset to an organisation, but also the most vulnerable.
| Analysis & design |
Review your network security with respect to architecture and protocols. |
| Threat analysis |
Discover how vulnerable your network is to attack. |
| Secure infrastructure |
In-house capability to design and deploy secure networks, for example, IPSec, SSL, and government approved solutions. |
| Wire speed data capture and analysis |
Data capture and analysis of network traffic to reassemble the original content.
|
| Lawful interception |
Lawful interception products, system development, and consultancy to meet UK and international requirements. |
| Equipment evaluation |
Evaluate the vulnerability of your network components using our test network. |
| New products |
Development of network security products to meet your requirements.
Integration of security features into an existing product. |
Delivering RIPA Compliance
|
| Customer |
Tier One Vendor |
| Challenge |
A Tier 1 ISP was planning a significant network upgrade, which would result in the total loss of its existing monitoring capability. Maintaining RIPA compliance was a critical factor to allow the upgrade to take place. In addition to the loss of existing capability the network upgrade resulted in the multiplication of monitoring points from the low tens to in excess of a hundred. The network upgrade was business critical, so the provision of this capability had to be scheduled within the operator's extensive roll-out plans, without affecting normal business operations.
In spite of maintaining a significant operation the ISP had critical space and power requirements, as the monitoring system had to be co-hosted with existing infrastructure. In addition, although the operator has a significant UK support network the scale of their network roll-out and new RIPA obligations made it infeasible for them to provide full 1st and 2nd line support for the new monitoring system.
As a major supplier of RIPA compliant systems and a Siemens communications centre of excellence Roke was tasked to:
- Work closely with the operator's systems team to track a rapidly evolving network design and confirm the network and service interception requirements;
- Define a solution to the operator's unique deployment of multi-vendor network equipment;
- Develop a sophisticated Business Continuity configuration, with in excess of three management and handover points and multiple remote tasking locations;
- Deploy a turn-key RIPA compliant solution, capable of being tasked by staff, with no technical experience or training;
- Provide a 24/7 365 support service (1st, 2nd and 3rd line) integrating with the operators existing support team.
|
| Approach |
Extensive systems experience through supporting Siemens and deploying UK monitoring systems allowed Roke to rapidly assemble and deploy an experienced team to develop a solution, meeting both customer and government deadlines. Roke worked closely with the operator's systems team and with the four vendors implementing the network roll-out, to deliver a programme meeting customer and government requirements; delivering in the following areas:
- System Analysis: The Roke systems team worked closely with the customer's security and technical teams to identify all aspects of the network, services and protocols that were key to the monitoring solution. This was a fast-moving process, as the solution was being developed in parallel to the customer's network design;
- System Design: Definition of the placement of the monitoring equipment and its associated network infrastructure. Close liaison was maintained throughout with the customer's systems team to track network changes;
- Implementation: Roke engineers enhanced the standard monitoring product to integrate closely with the operator's network equipment and business support systems, to maximise the efficiency of the customer's business processes (minimising OPEX);
- Security: Roke worked closely with the customer and the government security team to provide innovative networking and architectural solutions, to meet the customer's unique requirements;
- Installation: The Roke team worked closely with the customer's support staff to perform a joint roll-out of management sites and monitoring points;
- Support: As the customer has insufficient cleared technical staff Roke provides an integrated support service. 24/7 365 support is provided at 2nd and 3rd line, with shared responsibility for 2nd line operations.
|
| Benefits |
Key success factors for the customer were meeting their RIPA obligation, minimising CAPEX and OPEX, whilst having a minimal impact on normal business operations.
Roke was able to address these requirements in the following ways:
- Deployment of a dedicated and highly experienced team, who were able to successfully engage with the customer's technical and security team at the highest level;
- Building on Roke's best-of-breed RIPA compliant solution to rapidly include the additional features necessary to address the customer's unique requirements. This was achieved whilst retaining all of the features and benefits of the standard product; allowing the customer to capitalise on them as its service offering grows;
- As a member of the Siemens family the Roke is highly experienced in managing relationships in cross-functional multidisciplinary teams;
- Roke's experienced support team's provision of an integrated support solution, with shared responsibility for 2nd line operations.
Roke has delivered the following benefits to the customer's operation:
- Delivery of a fully compliant system within government deadlines allowed maximum cost recovery through government grants, minimising CAPEX and OPEX;
- Close integration with the customer's business processes ensure minimum impact to normal business operations, minimising OPEX;
- Use of a Warrant based management system, designed for use by non technical staff allows warrant handling by non-technical legal staff.
|
|
