Regulation of Interception of Communications and Provision of Communication-Related Information Act, 2002 (Act 70 of 2002)Directives in Respect of Different Categories of Telecommunications Service Providers made in terms of The Regulation of Interception of Communications and Provision of Communication-Related Information Act, 2002 (Act No. 70 of 2002)Schedule C : Directive for Internet Service Providers in terms of Section 30(7)(a) read with Section 30(2) of the Regulation of Interception of Communications Information Act, 2002 (Act No. 70 of 2002)Part 3 : Detailed Security, Functional and Technical Requirements of the Facilities and Devices for Lawful Interception9. Security Requirements |
9.1 | Interception provisioning terminals must be housed in areas with access controls implemented to limit access by authorised staff only. Provisioning terminals may be accessible remotely across a network, in which case an encrypted communication channel is to be used. |
9.2 | Logical access control must be implemented on the provisioning terminals; at minimum, a password that is changed monthly is required. |
9.3 | The provisioning terminal must be configured to provide detailed togs of both successful and failed access attempts to the terminal. |
9.4 | The provisioning terminal and mediation device must be secured through means of a network firewall. The rule set on the firewall must explicitly deny all externally originated communication sessions unless it is from the interception centre (IC). |
9.5 | The provisioning terminals should have appropriate virus protection, and the virus protection chosen should be updated as often as is reasonably possible. |
9.6 | The communication link between the mediation device and the IC for the delivery of intercept related information (ie. H12) and intercepted content (i.e. H12) must be encrypted using an IPSEC based link encryption software or device working in ESP mode. The encryption algorithm to be used is either 168-bit EDE mode Triple DES or 192-bit CBC mode AES. |