Are you conforming to CALEA?

[Mark Morrissey <mark.morrissey15 () PCC EDU>]

My school has executed a project to help ensure that we meet the definition
of a private network for the purposes of CALEA. However, since most of us
may not know if we are truly exempt from CALEA for some time, we are
interested to know what steps have been taken by those schools that have
decided that they will be CALEA compliant now.

We are, of course, most interested in schools that have networks similar to
ours. Our network connects several main campuses and training centers in the
greater Portland (OR) metropolitan area. We have two separate connections
out to our upstream ISP and have a classic DMZ and front-line firewall setup
(with all the usual redundancy and failover). We own our border routers and
the fiber from our ISP terminates in our equipment.

Since at some point in the future, we may have to comply with CALEA
requirements, I am interested in hearing from schools with a similar
connection to their upstream ISP who have opted to comply with CALEA now. I
am particularly interested in the infrastructure deployed to comply with
CALEA and how that was architected. We feel that if we do have to comply
with CALEA at a later date that it will only be at our ingress/egress point.

Please feel free to send comments to me directly or post on list. If you
send me comments directly, please indicate if I can share some or all of the
information in a summary back to the list.

I am, of course, aware that CALEA is not the only regulation that affects
our technical infrastructure, but it is the current 800lb gorilla  :-)

Thank you all in advance.

--mark
-----------------------
Mark Morrissey
Information Security Manager
Portland Community College, Portland, Oregon
mark.morrissey15 () pcc edu
Desk: 503-977-4896  Mobile: 503-969-5631