6.3.1 General

33.1273GPPLawful Interception (LI) architecture and functionsRelease 18TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

The present document specifies three options for EPC interception capabilities:

– Option A. Perform LI on the events specified in the current document in clauses 6.3.2.3.1, 6.3.3.3 and 6.3.4.3 using the capabilities specified below for stage 2 and in TS 33.128 [15] for stage 3.

– Option B. Perform LI on the events specified in TS 33.107 [11] clause 12 and clause 18.2.4 using the capabilities specified below in the present document for stage 2 and in TS 33.128 [15] for stage 3.

– Option C. Use TS 33.107 [11] and TS 33.108 [21] natively as defined in those documents.

For implementations that include EPS/5GS interworking, Option A shall be used.

For virtualised 4G implementations from Release 15 onwards (including combined 4G / 5G scenarios), 4G shall be virtualised based on the architecture in clause 5.6. For such implementations the LI architecture for 4G / LTE shall be implemented using an ADMF as defined in the present document (including LIPF and LICF split). However, equivalent reference points as specified in TS 33.107 [11] shall be used where appropriate (e.g. X2 is equivalent to LI_X2 in the present document and MDF is equivalent to MF/DF). Security and audit requirements as defined in clause 8 of the present document shall be applied to such 4G scenarios.