scope:

The present document provides a study of the virtual functions which are required to support LI in ETSI NFV based virtualised networks. The present document identifies the set of capabilities, interfaces, functions and components which can be utilized by the virtualised applications (VNFs) to provide Lawful Interception. The present document identifies top to bottom (Virtualised Application through NFV layer through hardware platform) LI architectures and identifies within the scope of ETSI NFV, capabilities, interfaces, functions and components required to support these architectures.

The present document has 3 primary objectives:

1) Identify and define 1 or more NFV reference LI architectures, including administration functions, virtual points of interception, mediation functions and other LI functions. This is intended to provide a common reference architecture which can be used to identify functional split across the Virtualised Network Functions application layer (e.g. 3GPP Network), NFV software platform layer (ETSI NFV) and Hardware Platform layer.

2) Identify potential NFV solutions which provide the capabilities, interfaces, functions and components to meet the identified LI architectures. This is intended to identify all of the elements and interconnection relationships needed to perform LI in a virtualised network. These will form the basis for future normative standardization in both ETSI NFV and other bodies such as 3GPP utilizing ETSI NFV to virtualise their network functions.

3) Document deployment scenarios examples for each of the identified reference LI architectures. This is intended to show specific examples for different types of interception (e.g. on switch/function vs probe based) in specific technology deployment scenarios (e.g. 3GPP).