Category: Blogs


How advanced mobile network capacity management benefits society


How advanced mobile network capacity management benefits society

Mobile telephony and data transfer are indispensable in society, not just residents, but entire industries nowadays depend on the correct, thus unperturbed, functioning of telecom networks. Failure of these networks due to calamities or targeted cyber-attacks can have major social disruption and economic consequences and harms the confidence of citizens, businesses, and governments in the vital (cyber) infrastructure. Uninterrupted access to 112/911 can therefore no longer be guaranteed in such situations. With great personal and social consequences.



In case of calamities and large-scale events, cell towers are quickly overloaded. Neighboring cell towers try to cope with the capacity shortage, which also overloads them. Due to this domino effect, the entire mobile network can be impacted by a local incident.

This took place, for example, during the attacks of 22 March 2016 in Brussels. Due to the overloading of a small number of cell towers, the entire Belgian telephone network was affected and the crisis center was temporarily unavailable.

The fire in the Dutch Vodafone data center of 4 April 2012 could also be considered, which resulted that even the entire Dutch cabinet was unavailable for a number of days.

These recent calamities have shown that the telecommunications network is highly susceptible to overload in unexpected situations and that the consequences of this overload after the cause has been removed often last long.

In addition to calamities, cyber-attacks can also have a major impact on the availability of the mobile network. By (DDOS) attacks on the mobile infrastructure, it is relatively easy to overload a part of the network and thus creates a domino effect that affects the entire network.

Failure of the mobile infrastructure has an impact on the access to the emergency services 112 / 911. After all, about 93% of the 112 calls in the Netherlands take place via the mobile phone. The unavailability of the 112 service might have potentially fatal consequences. The expectation is that other countries will have similar numbers. Despite the fact that the legislator has legally stipulated that telecom providers must make provisions that are necessary to guarantee uninterrupted access to 112 / 911, in practice, it appears that the uninterrupted access to 112 / 911 could not be guaranteed.

The consequences of national outages of a mobile network as a result of a regional overload situation and the subsequent domino effect on the mobile network, such as in Belgium after the attacks in Zaventem, not only resulted in the unavailability of the national crisis center, but also took away the ability of citizens to do 112 emergency notifications. The sharing of experiences, compassion by citizens through the usual means (social media) was also greatly reduced. This situation has irrevocably impacted the citizen’s confidence in the mobile (critical) infrastructure.

Implementing a solution which ensures a higher availability of the mobile critical infrastructure, either through providing a faster recovery after a failure or which could detect and reduce the impact of a disruption, prevent the domino effect, would not only greatly benefit mobile operators, but more importantly also our society.


Environmental and health benefits

Cell towers are a fundamental part of each mobile network. Placement of these cell towers is subject to permits and acceptance of society. The arguments against expansion or placement of new cell towers are often: landscape pollution, extra radiation, and environmental impact. Often valid arguments, but in decision making these arguments often outweigh the advantages of a readily accessible mobile network. Nevertheless, a technology that reduces the need for extra placement of cell towers will have an ecologically positive impact. Implementing advanced capacity management tooling within the mobile network of a telecom operator would result less need to over-dimension their mobile network infrastructure and therefore fewer cell towers and fewer possible negative effects.

The implementation of LIMA Network Protect not only contributes to the resilience of the mobile network and the resilience of the society, but it also reduces the possible environmental and health impact of the placement of cell towers.


LIMA Network Protect

LIMA Network Protect ensures higher availability of the mobile critical infrastructure, through ensuring a faster recovery after failure. LIMA Network Protect can provide a clear picture of the disruption through the built-in dashboard so that those responsible can act more efficiently. It will make the inherently vulnerable telecom network more robust without drastic changes to the network and would reduce the need for planned overcapacity of the mobile network, resulting in environmental and health benefits.

For more information about our LIMA Network Protect solution, please visit our LIMA Network Protect website.


Checks, balances, and measurements for your Lawful Interception IT…


Checks, balances, and measurements for your Lawful Interception IT Architecture

Lawful Interception (LI) architectures deployed in telecommunication networks consist of many complex building blocks which are connected and integrated together. If one of these building blocks fails for whatever reason, potential important and often crucial intercepted data can be lost. The result: insufficient proof in court and more important non-compliance with local regulation.

Both telecommunication operators and LEA’s have an increased demand to determine if the end-to-end communication and IT technology chain is acting according to requirements and standards. Hence the need for a comprehensive but cost-efficient monitoring and measurement solution was born. A solution reducing the complexity for all stakeholders in the domain whilst creating the unfailingly and consistently data you need for compliance (Network Operators) and guarantee to receive the right data (LEA’s).

Group 2000 has a long history regarding providing innovative and sustainable compliance solutions like LIMA Élite.

LIMA Élite was built around an existing monitoring and measurement platform used to simulate targets as the modems act as normal phones. Various actions are supported by the platform, like connecting to the right network and technology. Support for dialing, sending SMS and retrieving websites via the mobile connection was added to  complete the functionality of the existing platform. A new backend system orchestrates all tests and also acts as a law enforcement monitoring facility (LEMF) to validate the output of the LI environment.

Furthermore, we correlate the intercepted data with the right action taken and to verify that the interception is working. All relevant ID’s are embedded in the technology and functionality in order to ensure that correlation is done in a perfect way independently of the execution of the actions to support long delays in delivery of the intercepted data.

The LIMA Élite backend supports many input formats, like ETSI-232, LEMF specific export formats, ETSI-671, and many others. To support the flexibility in configurations of the backend, the software makes use of flexible and easy to configure open source technology like Docker.

The modularity of LIMA Élite solution also opens chances for other derived, however, useful solutions, which might be topic for a follow-up blog.

For more information about our LIMA Élite solution, please visit our LIMA Élite website.



ETSI – The importance of effective standardization


ETSI – The importance of effective standardization

Group 2000 has been an active member of the European Telecommunications Standards Institute (ETSI) for over ten years.

As a technology supplier, we strongly believe that standardization is crucial for creating intelligent security solutions for law enforcement, intelligence agencies, telecom providers and internet service providers. Standardization and active collaboration across the industry makes it possible to combine platforms and solutions from multiple technology vendors, enabling better end-to-end security solutions.

In the field of Lawful Interception, the work of ETSI’s Technical Committee Lawful Interception (TC-LI) has proven to be very effective. The participants are government organizations, telecommunication providers, and technology vendors. Group 2000 actively participates in this committee, covering all aspects of interception and working closely together with other ETSI committees and with the 3rd Generation Partnership Project (3GPP).

The interoperability that is a core element of Group 2000’s strategy and our LIMA product portfolio is based on the adoption of these ETSI and 3GPP standards. The successful implementation of these standards enables lower integration costs and a faster time-to-market for our customers.

Group 2000 will continue to actively participate in and contribute to the ETSI TC-LI standardization efforts and promote the standardization efforts in the years to come!








From idea to product – CRMP


From idea to product – CRMP

Group 2000 is a company with years of experience in Network Management Solutions. Group 2000 needs to update and maintain their Network Management product suite constantly in order to keep up with the technology innovations and the security related items. Next to the impact on our existing products, these market movements also hold the possibility for new products. In this article Group 2000 will show how an idea is formed into a product. This blog is intended for more technical inclined readers and will not contain commercial information.

The product mentioned in this article is called “Cell Recovery Management Platform” (in short CRMP) and might soon enrich our network management suite portfolio. Network Management within Group 2000 means integration with various vendors (for example Nokia or Huawei) in a customer network. The vendors follow ETSI specifications so therefore Group 2000 needs to have in-depth knowledge (of ETSI specifications) in order to translate the individual use cases to vendor specific commands that need to be send into the customers network.

The initial idea for a new product came from a disaster that occurred a few years back when the mobile networks from multiple operators were disturbed for a long period of time. One of the striking things was that the impacted network area was far greater than the disaster area. This was caused by the handover behavior of cell phones when they lost the connection to the network.

Some time ago Group 2000 was in the phase of creating a product called LIMA Network Protect that required in depth knowledge concerning the process of cell phones setting up (and terminating) a connection to an operator network. This knowledge was gathered by investigating numerous (versions of) ETSI specifications. It was during that investigation that we found a way to potentially solve the problem that was mentioned earlier.

Group 2000 encourages employees to develop their own ideas. The process for these new ideas is that they are logged and pitched (internally) to see if the idea has any potential. The initial steps for our new product CRMP were taken. Next will be the creation of some high level documentation that can be used to determine the market potential for such a product. After these phases it is time to work out the requirements of the product so that each of the relevant use cases is supported and the product is compliant to the Group 2000 standards. During this requirements phase we identified a series of challenges that needed to be addressed.

As earlier mentioned, one of the features for a Network management product is the need to support various vendors. Due to the relatively long lifetime of a network element our product will encounter a broad range of different software versions in customer networks. In order to limit the impact and still be flexible enough to support the different setup between operators, group 2000 has chosen for the separation of concerns (SoC) principle. By implement according to the SoC principle, the Group 2000 software has a base that supports the use case and standard features and some small sections/modules (called provisioning modules) that encapsulate the vendor specific code. The result is a stable base product that has separate small provisioning modules which are impacted when the product encounters a different software version or even a new vendor.

The provisioning modules are also the entry points into the customer’s network and that means high security requirements and support for multiple connection methods like SSL, SFTP, SSH etc. Next to the method that is used to setup a connection, the product also needs to support parallelism in order to speed up a use case by opening multiple connections to the same network element.

Although Group 2000 software is highly configurable this particular product requires another level of configuration. Group 2000 wants this product to constantly fine-tune the settings on the customer’s network. One of the challenges is the varying performance of the network elements. The fastest network element responds in a matter of seconds while the slowest takes about 6 minutes to respond to a command. Normally there is no need to perform a second use case while the first use case isn’t finished but that would mean that the product is ‘inoperable’ for at least 6 minutes. That is not acceptable and to overcome this problem the product is going to use an “event driven process chain” (EPC) that is capable of maintaining events over different use cases. Also the EPC should be capable to react in a preconfigured manner to events that are sent from the network to the product. This feature enables the product to adjust the setup behavior of cell phones in the same area.

These are just a few technical items that need to be addressed in the requirements and of course in the product. Besides technical items there were also a series of commercial challenges, some of those could be addressed in the prototyping phase, others through desk research and interviews with potential customers. One particular challenge which significantly could impact the commercial success of the product was the Net Neutrality legislation as it was implemented in various countries. With the recent harmonization of the net neutrality regulation in Europe, introduction of CRMP now actually facilitates the new net neutrality regulation.

The next phase is the prototyping phase in which a subset of the requirements are build. The subset of the requirements is determined by some standard criteria’s like time and costs but, more importantly, features that are either technically challenging or identified as interesting for the market.

After the prototype and the market exploring, Group 2000 has a solid understanding concerning the costs, risks, effort and market potential of creating such a product. If the product still has enough potential then a new product is born and is added to Group 2000’s product portfolio.



How Cell Barring would help in preventing failing communications…

How Cell Barring would help in preventing failing communications at the moments that matter

We don’t notice how dependent we have become on our mobile networks, until they fail. Only then, we notice that it’s not for granted being able to communicate anywhere, anytime.  Such moments make us realize just how vulnerable we are. This is easy to overlook when the signal reception deteriorates on New Year’s Eve, when everybody wants to convey their best wishes at the same time. A power failure that causes a cell tower to breakdown, which in turn overloads another nearby mast, is generally resolved quickly as well.

However, what if there is a huge calamity, like an earthquake or a flood? The network traffic during the tsunami in Japan was fifty to sixty times larger than usual. Even if the infrastructure itself wouldn’t have been damaged, the increased demand on the mobile communication system would have caused the network to fail. In a situation where the emergency services need to be reachable, this is an absolute disaster.

How do we make the network accessible again? By excluding a part of the calls in the area surrounding the calamity: this is what we call a ‘cell barring’. First-aid workers and others, who need the mobile network the most, are prioritized by immediate and accurate network interventions. During the recent terrorist attacks in Brussels, users (including emergency services) were requested not to call, but rather to use WhatsApp instead: Under the given circumstances this was not the most useful means of communication, however it was the only way the network could cope.

The usage of LIMA Network Protect, a powerful tool from Group 2000, for managing critical networks and cell barring would have prevented this. By deploying this tool, we help mobile network operators in creating future-proof ‘smart cities’ that communicate resilient and prevent failing communications.



The official UK Government Global Security Event


The official UK Government Global Security Event

The Security and Policing Home Office Event, the official UK Government Global Security Event, will be held from March 7th till March 9th, 2017 at the Farnborough International Exhibition and Conference Centre, Hampshire, UK. Established over 30 years ago and having a global influence, this Home Office event is the corner-stone of the security calendar and is the only ‘closed’ event of its kind.

It is the premier platform for relevant UK suppliers to showcase the very latest equipment, training and support, to police services, Government departments, organizations and agencies from the UK and overseas. A key focus is to demonstrate the opportunities presented by innovative cutting edge technology. The Home Office is committed to working with partners in industry and academia to develop and collaborate on the products and services needed to cut crime, prevent terrorism, detect illegal immigration and promote growth. Being able to share needs whilst gaining a better understanding of the capabilities available is a critical part of this initiative. Security & Policing provides a platform for professionals from the UK and across the world to engage with the very highest level of security expertise and the latest technology.  It provides the level of industry engagement needed to enable UK Government to procure and deliver its national security priorities.

Group 2000 is one of the exhibitors at Security and Policing 2017. Group 2000 is an innovative solution provider which helps governments, intelligence agencies, telecommunication operators and large corporations in implementing surveillance infrastructures, solving their security matters and increasing the resilience of their critical infrastructures. Our people and technology help you to enable safer societies and protect mission critical IT and telecommunication infrastructures. You will find the Group 2000 booth at no. B15. For more information about Group 2000 visit their website



Spies in the boardroom


Spies in the boardroom

Cell phone, mobile device, smartphone… whatever you call the device, it’s one of the most prevalent tools for both personal and professional success, helping people stay connected, attend meetings, work on the go.

While many mobile device users may not think too long or hard about how the device makes the call unless it can’t find a signal you should be aware while using your phone in the next boardroom meeting.

In an article published a while ago by Popular Science, secure mobile phone vendor and manufacturer ESD America announced that its engineers and customers had detected 17 phony cell phone towers, also known as inceptors or IMSI catchers across the country using its CryptoPhone 500, an Android-based mobile phone that includes native voice and message encryption. While the inceptors may look legit, they are anything but: Cell towers could allow attackers to eavesdrop on calls and text messages or even possibly infect the devices connecting to it with malware.

According to Popular Science, though standard mobile devices may not detect a threat. Another sign is that standard carrier towers will be named whereas inceptors will not be. An interceptor or fake tower can force the decryption of devices connecting to it, allowing the tower to spy on and even hijack phone calls, text messages and other means of communications.

Imagine this happening while you are in your boardroom having the most important conference call with your entities around the globe to discuss your strategy.

I can almost read the headline in the news “Multi billion corporation CEO resigns after espionage”.

Mobile phones seek out radio signals and connect to the nearest cell tower, and each phone has to prove its authenticity to the tower it is connecting to. That’s where IMSI catchers, collect the IMSI identification numbers of the SIM cards used in cell phones. Cell phone towers nearby, regardless of whether the towers are fake or real, log the device’s IMSI.

This is where the tapping starts and you won’t even know about it.

Now, what to do to counter this irritating threat that you can’t even in the most secure room in your company make a phone call or send a message!

LIMA Intrusion Detector is Group 2000’s solution for detecting anomalies in the mobile network.

The LIMA Intrusion Detector solution consists of the Command & Control Center and one or more sensor devices. These sensor devices are setup in a geostationary setup; e.g. attached to buildings or structures and they are able to provide a (static) overview of all mobile cells in range. Using this static overview, the sensor devices in combination with the Command& Control Center application will be able to detect ‘anomalies’ within the area covered. In most cases these anomalies will be a kind of devices like IMSI Catchers. But also jammers and the use of so called (legal) femto cells for corporate use will be detected.

The LIMA Intrusion Detector will be delivered with a GUI that will easily be able to depict the cells in range and pinpoint / highlight the anomalies clearly.

Particularly for knowledge-intensive organizations like yours it is key to protect your company assets in order to prevent industrial espionage by other companies operating in the same domain or governmental bodies of foreign countries. The leakage of confidential information might e.g. result in the loss of your competitive advantage. As mentioned mobile communications by your employees can easily be eavesdropped without their knowledge through the use of IMSI catcher devices. LIMA Intrusion detector helps protecting your company assets by alerting your organization immediately when an IMSI catcher has been detected.

Want to know more, send me a message and let’s get in touch!



Resilient communications


Resilient communications

We don’t notice how dependent we have become on our mobile networks, until they fail. Only then, we notice that it’s not obvious being able to communicate anywhere, anytime. Those moments make us realize just how vulnerable we are. That is still to overlook when the signal reception drastically deteriorates on New Year’s Eve, when everybody wants to convey their best wishes at the same time. A power failure that causes a mast to breakdown, which in turn overloads another nearby mast, is generally resolved quickly as well.

However, what if there is a huge calamity, like an earthquake or a flood? The network traffic during the tsunami in Japan was fifty to sixty times larger than usual. Even if the infrastructure itself hasn’t been damaged, the increased demand on the mobile communication system causes the network to fail. In a situation where the emergency services should also be reachable, this is an absolute disaster.

How do we make the network accessible again? By excluding a part of the calls in the area surrounding the calamity: ‘cell barring’. First-aid workers and others, who need the mobile network the most, are prioritized by immediate and accurate network interventions. During the recent terrorist attacks on Brussels, users, including emergency services, received the request not to call, but to use WhatsApp: under the given circumstances this was definitely not the most useful means of communication.

Using LIMA Network Protect would have prevented this: a powerful tool from Group 2000, for managing critical networks and cell barring. By deploying this tool, we get future-proof ‘smart cities’ that communicate resilient.



Why your phone doesn’t work during terrorists attacks


Why your phone doesn’t work during terrorists attacks

When terrorists attack, cell phone networks fail. They go down during disasters, attacks and even at big events. What causes the network overload?

In the fog of disaster, hundreds of thousands of people trying to call their loved ones, police forces, fire departments, first aid support, everybody has a reason to communicate with the first thing they have in their hand, their cell phone…

Mobile networks simply clogged up as telecom providers coped with a massive and unexpected surge. In the aftermath of natural disasters, terrorist attacks, and anomalous incidents worldwide, telecommunications networks simply can’t cope with the sharp increase in call volume. Mobile networks have bandwidth that is more than sufficient 99% of the time. However, when disaster strikes, the decentralized nature of the network means that whole geographic regions can be knocked out by increased call volume.

Group 2000 has developed a solution where Mobile Network Operators control their networks with a simple push of a button to keep communication lines open at all times where it is most needed.

LIMA Network Protect is a modular solution that can protect the mobile network against overload situations caused by disasters and other planned or unplanned events. It does this by barring at cell level. LIMA Network Protect is a complete solution for Network and Subscriber Barring Control that is built around a central management system. It integrates all necessary network equipment, databases and includes a Graphical User Interface to visualize the network and affected areas. Cells can be bared at access class level enabling the operator to differentiate between the barring of private subscribers and emergency services.



Making Europe’s external frontiers and stadiums more secure


Making Europe’s external frontiers and stadiums more secure

Group 2000 is launching an effective tool for further securing Europe’s external frontiers with the introduction of LIMA Biometric Identity Surveillance.

This new generation of 3D facial recognition represents the next step forward. The system not only looks at the characteristics ‘on the surface’, but also at bone structures in the skull which are unique to every individual. There is simply any point in acquiring a new identity through plastic surgery any more. A facial scan can be carried out on everyone crossing the border and a check conducted against existing photo databases of people who have previously been detained for terrorism or human trafficking or are otherwise undesirable.

With the current refugee problem the system can also be crucial in establishing the identity of people who arrive at Europe’s external frontiers. A facial scan which cannot be falisified can be readily linked to existing databases and blacklists. People with malevolent intentions can therefore be identified more quickly than with the current labour-intensive registration system, which is not completely reliable.

For example, if evidence is lacking because the identity papers have been ‘lost’ between arrival at the airport and the asylum application, the LIMA facial scan carried out on all passengers at the gate can be decisive in determining what steps are taken, since the scan shows which faces arrived on which flights. In the case of a positive match the original airline can return the person concerned back to where they came from.

The system can also help with the ongoing problem of football hooligans who are subject to stadium bans. It has repeatedly shown that there are serious flaws in enforcing these stadium bans.
By installing the 3D camera system at the entrance gates, it is possible to check entirely automatically, quickly and accurately for every visitor whether that person is on the blacklist.

We are constantly working on new high-tech solutions to make society as safe as possible.