Community discussions

 
ccsdias
just joined
Topic Author
Posts: 3
Joined: Mon Jun 04, 2007 9:54 am
Location: UK
Contact:

Data Retention Directive

Fri Nov 23, 2012 4:32 am

Dear Mikrotik users,

I'm a Hotspot Provider here in London, using only routerboards and a external radius server for the hotspots and I would like to comply with the EU Data retention directive.
I saw some articles about calea, but I'm not sure how to do the following setup:

I would like to have all my hotspots sending the data logs to a centralized server in my office and that's the part where i have no clue how to configure.
Is there a way to send the data captured by calea to a remote server? How can I identify from which hotspot the data is coming from?
Which kind of server can I use to receive and store the data from calea?
If anyone have done it already or know how to do I would be very thankful for your help.

Thanks to all in advance and I see you in Zagreb.
 
User avatar
TheWiFiGuy
Member
Member
Posts: 351
Joined: Thu Nov 24, 2011 7:26 pm
Location: UK

Data Retention Directive

Sat Nov 24, 2012 1:36 am

Theres more laws than that to contend with, and if you think storing that data on a server in your office is the way to go you may be in for a shock. Sorry, cant help you with this one - conflict of interest.
----------------------
Mikrotik Consultant.
MTCNA, MTWCE, MTCTCE, MTCRE, MTCINE
 
ccsdias
just joined
Topic Author
Posts: 3
Joined: Mon Jun 04, 2007 9:54 am
Location: UK
Contact:

Re: Data Retention Directive

Sat Nov 24, 2012 3:27 am

Dear TheWiFiGuy, I'm trying to find an IP solicitor for guidance on the data protection and data retention laws, but so far didn't find one that does both.
What did you mean by "conflict of interest", do you also provide hotspots in London?
Can you please tell me only what other laws do I need to comply?

Thanks for your help.
 
Ivoshiee
Member
Member
Posts: 471
Joined: Sat May 06, 2006 4:11 pm

Re: Data Retention Directive

Sat Nov 24, 2012 5:25 am

We need to store the IP connection session logs for about a year or so to comply, if I am not terribly mistaken. Out of the box I see no such capabilities within ROS. Surely someone has implemented their own means to achieve that with ROS as well. If it is not done yet then there should be a Mikrotik WIKI page for that.
 
User avatar
TheWiFiGuy
Member
Member
Posts: 351
Joined: Thu Nov 24, 2011 7:26 pm
Location: UK

Data Retention Directive

Sat Nov 24, 2012 11:39 am

Ccsdias : just google wifi laws , pick a wifi provider from list and youll see all the laws you need to contend with.
----------------------
Mikrotik Consultant.
MTCNA, MTWCE, MTCTCE, MTCRE, MTCINE
 
glucz
Member Candidate
Member Candidate
Posts: 123
Joined: Wed Jun 06, 2007 10:25 pm

Re: Data Retention Directive

Wed Nov 28, 2012 3:09 pm

Well .. first of all decide what you want to log. I think the data retention directive talks about a lot of garbage like logging all emails (?) - which as a hotspot provider you will not be able to do for example.

The only thing you can directly log are login, logout times and originating IP. Since your customers go through NAT, even if you get a fraud notice you will still have 50-100 customers who had been online and no way to know who had been responsible.

You can generate log events in firewall based on port accesses, L7 matches ... which might give you a way to trace back actions to specific internal IP addresses that could be traced back to actual users. However as I wrote you need to decide what to log to be able to set up the L7 patterns and port numbers to watch.

Mikrotik can log to a remote syslog server. If you go to search.cpan.net, you can search for syslog server modules and even get some example perl code. However you will have to write the guts of the server to fit your specific needs... that is decide how to process the log lines that you have coming in. Usually the logs lines are in some dump format containing several blocks of information. Different log events may generate differently formatted log lines, so once you have these coming in can you decide how you want to parse them and how you want to store them.

Storage is an entirely other matter if you have 20-30-50 serves and are logging a lot of actions. You could have 5-10 000 events coming in every minute, so you may want to figure out a compression scheme or drop similar events within the same 5 minutes time window. Then of course this needs to be easily researchable, so you might want to use a database.

GL
 
ccsdias
just joined
Topic Author
Posts: 3
Joined: Mon Jun 04, 2007 9:54 am
Location: UK
Contact:

Re: Data Retention Directive

Thu Nov 29, 2012 2:22 am

Thanks all for the replies, I think the Idea of storing data in my office was not well thought. Just need to find the right solution and use a server in a data center.
Glucz, this law is quite confusing, from what I read so far it doesn't say we must store the data all the time, but only when we receive a notice from the authorities, but to be on the safe side and to avoid losing business for bigger hotspot providers I decided to find a solution for my company.
With my Aradial radius server I'm already keeping logs from my customers activities such as local IP address, MAC address, userID, time of login and logout, now I just need to log the web activity of the users.
I spoke with someone from Solarwinds about Log & Event Manager solution which seems more affordable to me as small hotspot provider and apparently has a very good compression scheme which also would save me a lot on data center storage.
I think that the idea that you have to retain the data all the time for 6 or 12 months without been asked to so by the Authorities is also scaremongering tactics being used by some larger hotspot providers, so they can differentiate themselves from small providers.
Do you know if the Solarwinds Log & Event Manager solution would work with Mikrotik? Or do you know anyone who has used it?

Thanks

Claudio

Who is online

Users browsing this forum: No registered users and 77 guests