Um Adm V82 35 Ius

s
LIOS
Lawful Interception Operation System
User Manual Administrator

A30828-X9410-B082-35-7619
Version 8.2
Issue 35
Confidential
Issued by
Program- and Systems Engineering
Siemensstrasse 88-92, A-1211 Vienna
Copyright Siemens AG 2007
SIEMENS AKTIENGESELLSCHAFT
All Rights Reserved.
LIOS V8.2 User Manual Administrator

Issue 35
Copyright 2007 Siemens AG sterreich (Siemens Austria)

Reproduction and redistribution only permitted with the written consent of SAG
PSE SMC.
Issued by the Program and System Engineering division,
SMC CI unit
Siemensstrasse 92
A-1211 Vienna
All hardware and software names used are trade names and/or trade marks
belonging to the respective manufacturers.
Technical modifications possible.
Technical specifications and features are binding only insofar as
they are specifically and expressly agreed upon in a written contract.
2/185
A30828-X9410-B082-35-7619

Issue 35
Table of Contents
0
GENERAL INFORMATION....................................................................................7
0.1
References .............................................................................................................................7
0.2
Abbreviations..........................................................................................................................7
0.3
List of Figures .......................................................................................................................10
0.4
List of Tables ........................................................................................................................12
INTRODUCTION .................................................................................................14
1.1
Documentation overview ......................................................................................................14
1.2
LIOS manuals.......................................................................................................................14
1.3
Target group and structure of this manual ...........................................................................14
SYSTEM DESCRIPTION ....................................................................................15
2.1
The Siemens Lawful Interception solution............................................................................15
2.2
LIOS......................................................................................................................................18
Active monitoring in fixed and mobile (wireless) networks .....................................................................18
2.2.1
LIOS general features...........................................................................................................22
2.2.2
LIOS components .................................................................................................................23
2.2.3
LIOS interfaces .....................................................................................................................24
2.2.4
Data safety............................................................................................................................25
2.2.5
LIOS user roles.....................................................................................................................25
WORKING WITH LIOS........................................................................................27
3.1
3.1.1
3.1.1.1
3.1.1.2
3.1.1.3
3.1.1.4
3.1.2
3.1.2.1
3.1.2.2
3.1.3
3.1.3.1
3.1.3.2
3.1.3.3
3.1.4
The LIOS GUI.......................................................................................................................27

The LIOS main page.............................................................................................................27
Header ..................................................................................................................................28
Navigation menu...................................................................................................................29
Application commands bar ...................................................................................................29
Work area (table) ..................................................................................................................29
Wizards, input forms and output forms.................................................................................30
Shifting items between lists ..................................................................................................30
Push buttons.........................................................................................................................31
Working with filter forms .......................................................................................................31
General filtering functions .....................................................................................................31
Filtering by date and time .....................................................................................................32
Filter push buttons ................................................................................................................33
IP address verification ..........................................................................................................33
3.2
3.2.1
3.2.2
User Administration ..............................................................................................................33

User filter...............................................................................................................................35
User data wizard...................................................................................................................36
3.3
3.3.1
3.3.2
User Administration: Groups ................................................................................................38

Group filter ............................................................................................................................40
Group data form....................................................................................................................40
3.4
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.5.1
3.4.5.2
Host Administration: NEs......................................................................................................42

Communication Settings.......................................................................................................44
NE activation.........................................................................................................................45
NE filter .................................................................................................................................46
Export....................................................................................................................................46
Setting up NEs......................................................................................................................47
Siemens EWSD and hiQ/E 9200..........................................................................................47
Siemens MSC.......................................................................................................................47
A30828-X9410-B082-35-7619
3/185

Issue 35
3.4.5.3
3.4.5.4
3.4.5.5
3.4.5.6
3.4.5.7
3.4.5.8
3.4.6
3.4.6.1
3.4.6.2
3.4.6.3
3.4.6.4
3.4.6.5
3.4.6.6
3.4.6.7
3.4.6.8
3.4.6.9
3.4.6.10
3.4.6.11
3.4.6.12
3.4.7
3.4.7.1
3.4.7.2
3.4.7.3
3.4.7.4
3.4.7.5
3.4.7.6
3.4.7.7
3.4.7.8
3.4.7.9
3.4.7.10
3.4.7.11
3.4.8
Siemens hiQ 4200 and 8000 ................................................................................................48

Alcatel S12............................................................................................................................48
Huawei C&C08 .....................................................................................................................48
Huawei GSM.........................................................................................................................48
Siemens IN@vantage...........................................................................................................48
Nortel (via LIM) .....................................................................................................................48
NE data wizard .....................................................................................................................48
General .................................................................................................................................49
LI Options .............................................................................................................................50
ETSI Network ID ...................................................................................................................50
LI NE passwords and specific parameters (for EWSD, hiQ/E9200) ....................................52
Parameters for X.25..............................................................................................................54
Parameters for IP (EWSD, hiQ/E9200, MSC SR11/SR12) ..................................................55
Parameters for IP (hiQ4200/8000) .......................................................................................55
Parameters for IP and MCs (Huawei C&C08) ......................................................................56
Parameters for IP (Huawei GSM).........................................................................................58
Parameters for IP (Siemens IN@vantage) ...........................................................................58
Authorization data (Nortel/LIM).............................................................................................60
Applications ..........................................................................................................................60
Application data wizard.........................................................................................................61
General application data.......................................................................................................61
OSI parameter ......................................................................................................................62
Passwords for EWSD and hiQ/E9200 FT..........................................................................63
Passwords for EWSD and hiQ/E9200 EFD.......................................................................63
Passwords for Alcatel S12 MMLCM ..................................................................................64
NE user IDs (MMLCM) .........................................................................................................64
NE user ID wizard.................................................................................................................65
Authorization data.................................................................................................................66
MMLCM authorization data...................................................................................................67
FT authorization....................................................................................................................68
FT Authorization form ...........................................................................................................68
Reset passwords ..................................................................................................................69
3.5
3.5.1
3.5.1.1
3.5.1.2
3.5.1.3
3.5.2
3.5.2.1
3.5.2.2
3.5.2.3
3.5.2.4
3.5.2.5
3.5.2.6
3.5.3
3.5.4
Host Administration: OS Servers..........................................................................................70

Setting up OS servers...........................................................................................................71
KCC LIM ...............................................................................................................................71
Mediation Device (Siemens IP) ............................................................................................71
Utimaco IMS .........................................................................................................................72
OS Server data wizard..........................................................................................................73
Communications parameters for LIM servers.......................................................................73
Parameters for Mediation Device (Siemens IP) ...................................................................74
Transport system and OS server user IDs (IMS) .................................................................75
OS server user IDs ...............................................................................................................75
MMLCM authorization data...................................................................................................77
IMS authorization data..........................................................................................................78
Activate/Deactivate OS servers............................................................................................79
OS server filter......................................................................................................................80
3.6
3.6.1
3.6.2
Host Administration: LIOS Servers.......................................................................................80

LIOS server data wizard .......................................................................................................82
Application data form ............................................................................................................84
3.7
3.7.1
Host Administration: NE Networks .......................................................................................85

NE network data form ...........................................................................................................87
3.8
3.8.1
3.8.2
3.8.2.1
3.8.2.2
3.8.2.2.1
3.8.2.2.2
LEA Administration ...............................................................................................................89

LEA filter ...............................................................................................................................90
LEA data wizard....................................................................................................................91
LEA identification ..................................................................................................................91
Profile types ..........................................................................................................................92
Siemens Fixed (EWSD, hiQ/E 9200) observation parameters.............................................93
Siemens Fixed (hiQ4200/8000) observation parameters.....................................................95
4/185
A30828-X9410-B082-35-7619

Issue 35
3.8.2.2.3
3.8.2.2.4
3.8.2.2.5
3.8.2.2.6
3.8.2.2.7
3.8.2.2.8
3.8.2.2.9
3.8.2.2.10
3.8.2.3
3.8.3
3.8.4
Siemens MSC observation parameters................................................................................96

Huawei GSM observation parameters..................................................................................97
Alcatel S12 observation parameters.....................................................................................98
Huawei Fixed ........................................................................................................................99
Huawei GSM observation parameters................................................................................100
Mediation Device (Siemens IP) observation parameters ...................................................101
Nortel Fixed (LIM) observation parameters ........................................................................102
Utimaco IMS observation parameters ................................................................................102
LEA communication parameters ........................................................................................105
Communication settings .....................................................................................................108
Check LEA modification......................................................................................................109
3.9
3.9.1
LEA Administration: CUGs .................................................................................................110

CUG data form....................................................................................................................111
3.10
3.10.1
3.10.2
3.10.3
3.10.3.1
3.10.3.1.1
3.10.3.1.2
3.10.3.1.3
3.10.3.1.4
3.10.3.1.5
0.1.1.1
About alarms ......................................................................................................................112

LIOS alarm concept ............................................................................................................112
Alarm states........................................................................................................................114
Alarm categories.................................................................................................................114
LI NE alarms .......................................................................................................................114
LI NE alarms from EWSD, hiE/Q9200 and Alcatel S12 .....................................................114
LI NE alarms from LIM........................................................................................................115
LI NE alarms from HiQ4200/8000 ......................................................................................116
LI NE alarms from IN@vantage..........................................................................................116
LI NE alarms from Mediation Device (Siemens IP) ............................................................116
LIOS alarms........................................................................................................................117
3.11
3.11.1
3.11.2
3.11.3
Alarm browser ....................................................................................................................119

Alarm browser: Alarms .......................................................................................................120
Alarm filter...........................................................................................................................123
Alarm browser: Alarm types................................................................................................124
3.12
3.12.1
MML Handling ....................................................................................................................127

MML command states ........................................................................................................127
3.13
3.13.1
3.13.2
MML console ......................................................................................................................127

How to enter an MML command ........................................................................................130
MML commands for LIOS administrators ..........................................................................131
3.14
3.14.1
MML browser ......................................................................................................................133

MML filter ............................................................................................................................133
3.15
3.15.1
3.15.2
3.15.3
EFD Administration.............................................................................................................135
Filter ....................................................................................................................................137
EFD data wizard .................................................................................................................137
Validate ...............................................................................................................................140
SPECIAL WORKING PROCEDURES...............................................................141
4.1
Ticket buffer management (only for EWSD and hiQ/E9200) .............................................141
4.2
Setting up closed user groups (CUGs) for LEAs on EWSD and hiQ/E9200 switches.......142
4.3
Configuring LI NE alarm filtering (lios.properties file).........................................................143
4.4
Configuring cyclic DB synchronization ...............................................................................144
4.5
Automatic DN synchronization following a Massive DN modification alarm.....................144
4.6
Upgrading the LIOS license................................................................................................144
4.7
Setting up a new EWSD or hiQ/E9200 NE in the LIOS system ........................................145
4.8
Handling an EWSD / hiQ/E9200 upgrade ..........................................................................145
4.9
Setting ETSI properties for NE ID (X.25 and E.164) ..........................................................146
4.10
Configuring maximum number of NE connections for EFD Administration .......................146
A30828-X9410-B082-35-7619
5/185

Issue 35
4.11
Setting active/passive FTP to LEAs and MCs (LIOS.properties file) .................................147
4.12
Switching parallel ticket sending on and off (LIOS.properties file) .....................................147
4.13
Switching support of LI management (HI1) notifications on and off (LIOS.properties file) 147
4.14
4.14.1
4.14.2
4.14.2.1
4.14.2.2
4.14.3
NTP Configuration for LIOS................................................................................................148

Multicast/Broadcast synchronization (automatic) ...............................................................148
Configuration check ............................................................................................................149
NTP server..........................................................................................................................149
NTP client ...........................................................................................................................150
Listing of NTP configuration files for LIOS..........................................................................150
4.15
Turning off the LIOS-proprietary time synchronization.......................................................152
4.16
Changing export format (field delimiter) in the LIOS.properties file ...................................152
4.17
Ticket time stamp conversion according to the time zone of the NE .................................152
SYSTEM CONFIGURATION .............................................................................154
5.1
5.1.1
5.1.2
Symmanager ......................................................................................................................154
Overview .............................................................................................................................154
Specifying size and number of internal buffers of the X.25 card ........................................154
5.2
Symmonitor.........................................................................................................................155
5.3
5.3.1
5.3.2
5.3.3
5.3.3.1
5.3.3.2
5.3.3.3
5.3.3.4
5.3.4
5.3.5
FTAM configuration ............................................................................................................155

Administering FTAM file transfer ........................................................................................155
Collecting X.25 configuration data......................................................................................156
Configuring Solstice X.25 software.....................................................................................157
Configuration of the X.25 link .............................................................................................157
Configuration of the LLC2 link ............................................................................................161
Administration of the X.25 routing table..............................................................................165
Activation of the X.25 configuration ....................................................................................167
Configuring the Solstice OSI software................................................................................168
Configuring the Solstice FTAM software ............................................................................175
5.4
5.4.1
5.4.2
5.4.3
5.4.4
5.4.4.1
5.4.5
Installing TopSec System (optional)...................................................................................177

Overview .............................................................................................................................177
Installation of administration software ................................................................................178
Initialization of TopSec Boxes ............................................................................................180
Administration of TopSec Boxes ........................................................................................181
Firmware update.................................................................................................................181
Switch to Plain Data Transfer .............................................................................................182
ANNEX 1: EXTERNAL ALARMING EMAIL AND SMS FORMATS ................184
6.1
Format of the alarm message for email..............................................................................184
6.2
Format of the alarm message for SMS ..............................................................................184
ANNEX 2: LIOS SUPPORTED NETWORK ELEMENTS ...............................185
6/185
A30828-X9410-B082-35-7619

Issue 35
General Information
0.1 References
[1] EWSD/Lawful Interception
Lending an ear to fixed network communication
A30828-X1130-V310-1-7618
Siemens AG
Munich 1999
[2] LIOS System Description
P30308-A9792-A082-*-7619
Siemens AG sterreich, PSE SMC CI
Vienna 2005
[3] ETSI ES 201 671 V2.1.1 (2001-09)
ETSI Standard
Telecommunications security;
Lawful Interception (LI);
Handover interface for the lawful interception of telecommunications traffic
[4] EWSD/Description of Output Data
Lawful Interception
Description of Contents of LI Records and of Call Content Connection
EWSD Version V17
P30308-A8225-V017-04-7617
Siemens AG
Munich 2004
[5] Symdriver-U User Guide
Edition 6.02, Symicron 1999
www.symicron.com
[6] TopSec
Anleitung TopSec Administrator
Version 3.02
Dezember 2002
Rohde & Schwarz
[7] OTOS / PIMS V1.1
Protocol-Independent Messaging System
User Manual
A30828-X9420-A011-1-7619
Siemens AG sterreich, PSE SMC CI
Vienna 2003
0.2 Abbreviations
AEQ
Application Entity Qualifier
AFI
Address Facility Identification
APQ
Application Program Qualifier
BIANCA
BInTec Advanced Network Communication Architecture
BRI
ISDN Basic Rate Interface
CC
Call Content
CDC
Call Data Channel
CGI
Common Gateway Interface
A30828-X9410-B082-35-7619
7/185

Issue 35
CHAP
Challenge Handshake Authentication Protocol
CLIP
Calling Line Identification Presentation
CMISE
Common Management Information Service Element [X.710]
COLP
COnnected Line identification Presentation
CP
Coordination Processor (EWSD)
CSV
Comma-Separated Values
CUG
Closed User Group
DB
DataBase
DBMS
Database Management System
DCE
Data Communication Equipment
DCF77
long wave time signal (D=Deutschland, C=long wave signal, F=Frankfurt, 77=frequency:
77.5 kHz)
DN
Directory Number
DNS
Domain Name System
DSP
Domain-Specific Part
DTE
Data Terminal Equipment
DTMF
Dual Tone Multi Frequency
EFD
Event-Forwarding Discriminator
EMN/OS
EWSD Management Network / Operations System
ETSI
European Telecommunications Standards Institute
EWSD
Electronic sWitching System Digital (Elektronisches WhlSystem Digital)
FDN
Foreign Directory Numbers
FT
File Transfer
FTAM
File Transfer Access and Management
FTP
File Transfer Protocol
GPRS
General Packet Radio Service
GSM
Global System for Mobile Communication
GTP
GPRS Tunnelling Protocol
GUI
Graphical User Interface
HDLC
High-level Data Link Control (OSI-Layer 2 Protocol)
HICEP
Hot InterCeption Event Processor
HLR
Home Location Register
HTML
Hypertext Mark-up Language
HTMLS
HTML Secure
HTTPS
Hyper Text Transfer Protocol (Secure)
IAP
Internet Access Provider
ICC
Interception Communication Center
IDI
Initial Domain Identifier
IIS
Internet Information Server
8/185
A30828-X9410-B082-35-7619

Issue 35
IMEI
International Mobile Equipment Identity
IMS
Interception Management System (by Utimaco)
IMSI
International Mobile Subscriber Identity
INB
INBand
IP
Internet Protocol
IRI
Intercept-Related Information (ETSI)
ISDN
Integrated Services Digital Network
ISO
International Systems Organization
LAC
Local Area Code
LAN
Local Area Network
LC
LIOS Client
LEA
Law Enforcement Agency
LEMF
Law Enforcement Montitoring Facility
LI
Lawful Interception
LID
Lawful Interception Data
LIIN
LI Identification Number
LIM
Lawful Interception Manager
LIOS
Lawful Interception Operation System
LS
LIOS Server
MAC
Media Access Control
MC
Monitoring Center
MD
Mediation Device
MML
Man Machine Language
MMLCM
MML Command Management
MSC
Mobile Switching Center
NE
Network Element
NSAP
Network Service Access Point
NT
ISDN Network Terminator
NTP
Network Time Protocol
OEM
Original Equipment Manufacturer
OS
Operating System
OSI
Open Systems Interconnection
PBX
Private Branch eXchange
PC
Personal Computer
PIMS
Protocol-Independent Messaging System
POTS
Plain Old Telephone System
PPP
Point to Point Protocol
PRI
ISDN Primary Rate Interface (S2M)
Q3
Interface name as defined in ITU-T Rec. M.3010
A30828-X9410-B082-35-7619
9/185

Issue 35
RAI
Remote Administration Interface
RAS
Remote Access Service
RMI
Remote Method Invocation (Java)
RPPW
Replay-Protected PassWord
SuB
Systemunabhngige Betriebsfhrung
SVC
Switched Virtual Connection
SWSG
SoftWare SafeGuarding
TCP
Transmission Control Protocol
TZ
Technologiezentrum
URL
Uniform Resource Locator
WAN
Wide Area Network
WS
WorkStation
X.25
OSI Recommendation for WAN Networks
0.3 List of Figures

Figure 2-1: Lawful Interception concept (overview).....................................................................................16
Figure 2-2: LIOS network configuration for monitoring of fixed, mobile and next-generation networks
(example).....................................................................................................................................................18
Figure 2-3: LIOS network configuration for Internet and e-mail monitoring (example) ...............................19
Figure 2-4: Network configuration with LIOS as an umbrella system (example) ........................................20
Figure 2-5: Active monitoring in intelligent networks ...................................................................................21
Figure 2-6: LIOS network configuration for PBX monitoring (example) ......................................................22
Figure 2-7: LIOS components and connections ..........................................................................................23
Figure 2-8: LIOS with external interfaces ....................................................................................................25
Figure 2-9: LIOS operation model with operator groups .............................................................................26
Figure 3-1: LIOS main page organization ................................................................................................28
Figure 3-2: List form example......................................................................................................................30
Figure 3-3: Filter form: top section...............................................................................................................31
Figure 3-4: Filter form: bottom section.........................................................................................................32
Figure 3-5: User Administration...................................................................................................................34
Figure 3-6: User Administration user filter................................................................................................35
Figure 3-7: User data wizard general and security information................................................................36
Figure 3-8: User data wizard user role .....................................................................................................36
Figure 3-9: User data wizard operator rights and group memberships....................................................37
Figure 3-10: User data wizard external alarming (optional page) ............................................................38
Figure 3-11: User Administration Groups.................................................................................................39
Figure 3-12: User Administration, group filter..............................................................................................40
Figure 3-13: Group data form, general information and group members....................................................41
Figure 3-14: Host Administration, NEs ........................................................................................................42
Figure 3-15: Host Administration, NEs Communication Settings.............................................................44
Figure 3-16: Host Administration, NE activation..........................................................................................45
Figure 3-17: Host Administration, NE filter ..................................................................................................46
Figure 3-18: NE data wizard General .......................................................................................................49
Figure 3-21: NE data wizard LI NE passwords and specific parameters (EWSD and hiQ/E9200) .........52
Figure 3-22: NE data wizard transport system/X.25.................................................................................54
Figure 3-23: NE data wizard transport system / IP...................................................................................55
Figure 3-24: NE data wizard transport system / IP (hiQ4200/8000) ........................................................55
Figure 3-25: NE data wizard Communication properties (Huawei C&C08) .............................................56
Figure 3-26: NE data wizard Call content routing properties (Huawei C&C08) .......................................56
10/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-27: NE data wizard Authorization data (Huawei C&C08) ..........................................................57

Figure 3-28: NE data wizard transport system / IP (Huawei GSM)..........................................................58
Figure 3-29: NE data wizard transport system / Siemens IN@vantage...................................................59
Figure 3-30: NE data wizard Authorization Data (Nortel via LIM) ............................................................60
Figure 3-31: NE data wizard Applications ................................................................................................60
Figure 3-32: Application data wizard general data ...................................................................................61
Figure 3-33: Application data wizard OSI.................................................................................................62
Figure 3-34: Application data wizard file group password........................................................................63
Figure 3-35: Application data wizard EFD NE password .........................................................................63
Figure 3-36: Application data wizard access password (S12) .................................................................64
Figure 3-37: Application data wizard NE user IDs (MMLCM) ..................................................................64
Figure 3-38: Application data wizard NE user ID .....................................................................................65
Figure 3-39: Application data wizard authorization data ..........................................................................66
Figure 3-40: Application data wizard MMLCM authorization data............................................................67
Figure 3-41: Application data wizard FT authorization .............................................................................68
Figure 3-42: Application data wizard FT Authorization form ....................................................................68
Figure 3-43: Reset passwords NE passwords form ...............................................................................69
Figure 3-44: Host Administration, OS Servers ............................................................................................70
Figure 3-45: OS Server data wizard General ...........................................................................................73
Figure 3-46: OS Server data wizard Communication Parameters (LIM)..................................................73
Figure 3-47: NE data wizard, transport system - Mediation Device (Siemens IP) ......................................74
Figure 3-48: OS server data wizard Transport system and OS server user IDs (IMS)............................75
Figure 3-49: OS server data wizard OS server user IDs (IMS)................................................................76
Figure 3-50: OS server data wizard MMLCM authorization data (IMS) ...................................................77
Figure 3-51: OS server data wizard MMLCM authorization data form (IMS) ...........................................78
Figure 3-52: OS server data wizard IMS authorization data (IMS) ..........................................................78
Figure 3-53: Activation/Deactivate OS servers ...........................................................................................79
Figure 3-54: Host Administration, OS filter..................................................................................................80
Figure 3-55: Host Administration, LIOS Servers .........................................................................................81
Figure 3-56: LIOS server data wizard General section ............................................................................83
Figure 3-57: LIOS server data wizard transport systems .........................................................................83
Figure 3-58: LIOS server data wizard Applications ..................................................................................84
Figure 3-59: Application data form ..............................................................................................................84
Figure 3-60: Host Administration, NE Networks..........................................................................................86
Figure 3-61: NE network data form, NE network.........................................................................................87
Figure 3-62: NE network data Access to NE network form ....................................................................88
Figure 3-63: LEA Administration..................................................................................................................89
Figure 3-64: LEA filter..................................................................................................................................91
Figure 3-65: LEA data wizard LEA identification ......................................................................................91
Figure 3-66: LEA data wizard profile types ..............................................................................................92
Figure 3-67: LEA data wizard EWSD and hiQ/E9200 observation parameters.......................................93
Figure 3-68: LEA data wizard hiQ4200/8000 observation parameters ....................................................95
Figure 3-69: LEA data wizard MSC observation parameters...................................................................96
Figure 3-70: LEA data wizard Huawei GSM observation parameters......................................................97
Figure 3-71: LEA data wizard Alcatel S12 observation parameters.........................................................98
Figure 3-72: LEA data wizard Huawei Fixed observation parameters .....................................................99
Figure 3-73: LEA data wizard HI2 processing server...............................................................................99
Figure 3-74: LEA data wizard Huawei GSM observation parameters................................................... 100
Figure 3-75: LEA data wizard Mediation Device (Siemens IP) observation parameters ...................... 101
Figure 3-76: LEA data wizard Nortel Fixed (LIM) observation parameters ........................................... 102
Figure 3-77: LEA data wizard Utimaco IMS observation parameters ................................................... 102
Figure 3-78: LEA data wizard IMS, IRI records per FTAM/X.25 ........................................................... 103
Figure 3-79: LEA data wizard IMS, IRI records per FTAM/IP ............................................................... 104
Figure 3-80: LEA data wizard IMS, IRI records per FTP....................................................................... 105
Figure 3-81: LEA data wizard transfer protocol..................................................................................... 105
Figure 3-82: LEA data wizard FTAM selectors...................................................................................... 106
Figure 3-83: LEA data wizard transport system (IP) ............................................................................. 107
Figure 3-84: LEA data wizard transport system (X.25) ......................................................................... 108
Figure 3-85: Communication Settings form (LEAs).................................................................................. 109
Figure 3-86: Check LEA modification ....................................................................................................... 109
A30828-X9410-B082-35-7619
11/185

Issue 35
Figure 3-87: LEA Administration: CUGs................................................................................................... 110

Figure 3-88: LEA Administration: CUG parameters ................................................................................. 111
Figure 3-89: Changes of alarm states ...................................................................................................... 114
Figure 3-90: Alarm browser, Alarms......................................................................................................... 120
Figure 3-91: Alarm details ........................................................................................................................ 122
Figure 3-92: Alarm filter ............................................................................................................................ 123
Figure 3-93: Alarm browser: Alarm types ................................................................................................. 124
Figure 3-94: Alarm type details Alarm type filter .................................................................................... 125
Figure 3-95: Alarm type filter .................................................................................................................... 125
Figure 3-96: MML command states.......................................................................................................... 127
Figure 3-97: Selection form ...................................................................................................................... 128
Figure 3-98: MML console........................................................................................................................ 128
Figure 3-99: MML console, NE/OS server response................................................................................ 130
Figure 3-100: MML console, Prompt form ................................................................................................ 131
Figure 3-101: MML browser ..................................................................................................................... 133
Figure 3-102: MML filter ........................................................................................................................... 134
Figure 3-103: EFD Administration ............................................................................................................ 135
Figure 3-104: EFD Administration filter ................................................................................................. 137
Figure 3-105: EFD data wizard common EFD data .............................................................................. 138
Figure 3-106: EFD data wizard parameters for EWSD and hiQ/E9200 ................................................ 139
Figure 5-1: X.25 Administration Tool of the Solstice X.25 software Main window ................................ 157
Figure 5-2: Solstice X.25 software X.25 Link Link Editor window ......................................................... 158
Figure 5-3: Solstice X.25 software Addressing Parameters window ................................................... 159
Figure 5-4: Solstice X.25 software Closed User Group and Facilities window.................................... 159
Figure 5-5: Solstice X.25 software Throughput Class and Window Size window ............................... 160
Figure 5-6: Solstice X.25 software Timers and Counters window ....................................................... 161
Figure 5-7: Solstice X.25 software: LLC2 Link Link Editor window ..................................................... 162
Figure 5-8: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window ................. 163
Figure 5-9: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window ................. 164
Figure 5-10: Solstice X.25 software Throughput Class and Window Size window ............................. 165
Figure 5-11: X.25 Routing Table Definition of the default route. ........................................................... 166
Figure 5-12: X.25 Routing Table Definition of host routes .................................................................... 167
Figure 5-13: OSI Administration Tool main window (Solstice OSI software).......................................... 168
Figure 5-14: Window Stack Manager of Solstice OSI software.............................................................. 169
Figure 5-15: Window Device Configuration of Solstice OSI software..................................................... 169
Figure 5-16: Window Application Selectors in Solstice OSI software..................................................... 170
Figure 5-17: Stack Manager in Solstice OSI software Configuration of Transport over CONS .......... 171
Figure 5-18: Stack Manager in Solstice OSI software Configuration of CONS .................................... 172
Figure 5-19: Window Network Layer Addresses of Solstice OSI software............................................. 172
Figure 5-20: Route Manager window Prefix Routes.............................................................................. 173
Figure 5-21: Remote X.25 Features window .......................................................................................... 174
Figure 5-22: Route Manager window Host Routes ............................................................................... 174
Figure 5-23: Remote X.25 Features window .......................................................................................... 175
Figure 5-24: FTAM Configuration Tool of Solstice FTAM software main window ............................... 176
Figure 5-25: Local Initiator Configuration of Solstice FTAM software .................................................... 176
Figure 5-26: Hardware Configuration overview of LIOS........................................................................... 178
Figure 5-27: Configuration of the TopSec Administration Tool ................................................................ 179
Figure 5-28: Default Configuration of the TopSec Boxes......................................................................... 180
Figure 5-29: Device Table with all configured TopSec Boxes.................................................................. 181
Figure 5-30: Jobs form of the TopSec Administration .............................................................................. 182
Figure 5-31: Device Configuration of TopSec Box for plain data transfer................................................ 183
0.4 List of Tables

Table 3-1: NE Networks sub-application .....................................................................................................85
Table 3-2: NE LI alarms from EWSD, hiE/Q9200 and Alcatel S12 .......................................................... 115
Table 3-3: NE LI alarms from LIM ............................................................................................................ 116
Table 3-4: NE LI alarms from hiQ4200/8000............................................................................................ 116
12/185
A30828-X9410-B082-35-7619

Issue 35
Table 3-5: LI NE alarms from IN@vantage .............................................................................................. 116

Table 3-6: LI NE alarms from Mediation Device (Siemens IP)................................................................. 116
Table 3-7: LIOS alarms ............................................................................................................................ 119
Table 5-1: Configuring Solstice X.25 software: X.25 Link ........................................................................ 156
Table 5-2: Configuring Solstice X.25 software: LLC2 Link ....................................................................... 156
Table 5-3: Default parameters for the administration of TopSec Boxes .................................................. 179
Table 5-4: Parameters for a new TopSec Box ......................................................................................... 180
Table 5-5: Parameter table for changing to plain data transfer................................................................ 182
Table 7-1: LIOS supported network elements....................................................................................... 185
A30828-X9410-B082-35-7619
13/185

Issue 35
Introduction
Lawful Interception Operation System (LIOS) provides services and applications for the operation of
Lawful Interception (LI) on network elements of different vendors (see Annex 2: LIOS supported
network elements). For an introduction to LI, see [1], for an introduction to LIOS, see [2].
1.1 Documentation overview

The LIOS documentation is made up of the following:
LIOS manuals. Presentation and explanation of the LIOS system, LIOS applications and their
functions; introduction of LIOS user roles and their tasks.
LIOS online help. In-detail description of windows, the forms provided for data input, individual fields
and parameters, and data input format.
Project-specific configuration documents (Handover Document). Description of the individual
configuration of LIOS in the users project, e.g. which MML commands are allowed on the MML
console, and how installation and cabling are implemented.
Hardware and standard software manuals. Documentation of the products from other
manufacturers used in the LIOS system. They are the original manuals from these manufactures.
For a summary of the authorized versions of the hardware and software products used,
functional limitations, error corrections and notes to the user, refer to the Handover Document.
1.2 LIOS manuals

The structure of the LIOS manuals reflects the different LIOS user roles (administrator, operator,
supervisor).
User manuals
For each user role there is a separate manual:
User Manual Operator,
User Manual Administrator,
User Manual Supervisor.

Installation Manual
Provides information about the installation of LIOS.
LIOS Troubleshooting Guide
Helps a LIOS administrator to deal with system troubles.
1.3 Target group and structure of this manual

This manual addresses LIOS administrators. It is organized as follows:
Chapter 1: Introduction
Chapter 2: System description
Chapter 3: Working with LIOS
Chapter 4: Special working procedures
Chapter 5: System configuration
Chapter 6: Annex 1: external alarming email and SMS formats
Chapter 7: Annex 2: LIOS supported network elements
14/185
A30828-X9410-B082-35-7619

Issue 35
System description
Throughout the world, legislation and standardization in the field of lawful interception are now compelling
network operators to use call-processing equipment, which enables all types of telecommunication to be
monitored or recorded as required.
Interception was originally done by tapping telephone lines. This, however, was awkward and, since the
build-up of the connection to the law enforcement monitoring facility (LEMF) was often accompanied by
cracking noises, it did not always pass unnoticed.
Meanwhile efforts have been made by switch manufacturers to integrate the interception function in the
hardware and software of the switch e.g. the Lawful Interception (LI) feature. Although expert personnel
could well be aware of the possibility of monitoring taking place, there is no way of finding out which
subscribers are being monitored. Also a wide variety of technical problems have been solved: for
example, now there are no more nailed-up connections or leased lines the necessary monitoring
connections are set up dynamically.
Monitoring Internet traffic is different: the Internet is a more complex network, involving a greater variety
of devices. For efficient monitoring, passive taps and data collectors (combined in groups) are placed at
several locations and the required data is extracted by means of IP triggers.
2.1
The Siemens Lawful Interception solution
The Siemens Lawful Interception solution comprises network elements (for fixed, mobile, nextgeneration, enterprise networks, Internet traffic and e-mail), LIOS (see Chapter 2.2) and the Siemens
Monitoring Center.
LIOS (Lawful Interception Operation System) combined with the LI feature of telecommunications
switches is a state-of-the-art solution for efficient and discreet lawful interception. It offers high flexibility
as regards network organization, geographical locations, and switch types. At the same time it meets the
strictest legal requirements. LIOS and LI adhere to the guidelines on security made by international
standardization bodies (e.g. ETSI). The Siemens Lawful Interception solution includes the Siemens
Monitoring Center, which takes over most of the monitoring work from LEAs.
The LI feature is integrated in the hardware and software of switches. It makes possible a smooth and
discreet functioning of lawful interception on switches and in the telecommunications network. LIOS as a
management system provides functions and a GUI for convenient administration of lawful interception by
the personnel in charge.
LIOS offers the possibility of moving the administration of Lawful Interception away from switches and
setting it up at a central site. LIOS is connected to switches over the telecommunications or IP network.
The flow of information is automatically routed from monitored communication channels to the law
enforcement monitoring facility (LEMF) without affecting normal network operation.
A30828-X9410-B082-35-7619
15/185

Issue 35
NE
LI admin
Telecommunications
network
IRI records
Judge
IRI records
Communication
content
LEMF
Figure 2-1: Lawful Interception concept (overview)
What the Siemens Lawful Interception solution offers
Interception of telecommunications in fixed, mobile and next-generation networks: voice,

facsimile, data, SMS, Internet traffic and e-mail. LI always supplies the complete content of the
communication to and from a monitored subscriber. Monitoring of all types of subscribers and
services available in the network, e.g. POTS, ISDN, coin-box telephones, GSM, UMTS, GPRS and
VoIP.
Monitoring in enterprise networks (private branch exchanges: PBX Siemens HiPath); see
Monitoring of enterprise networks in Chapter 2.2.
Transfer of call content and IRI records to LEMFs. A LEMF can be provided with both
communication content and IRI records, or only with IRI records (for statistical monitoring).
A subscriber can be monitored by several LEAs simultaneously. Call content and IRI records
can be transmitted to several LEMFs with numerous options available. So each LEA can have its
own settings, e.g. HI3 signaling method (UUS/sub addressing), ticket output format
(ETSI/ASCII/native).
Monitoring of FDNs (foreign directory numbers). FDNs are telephone numbers or their first
digits in transit traffic. NE lines are monitored for the FDNs specified. It is thus possible to observe
all subscribers from or to whom connections are set up via a monitored NE i.e. subscribers
assigned to other NEs or other network providers (e.g. mobile-network subscribers) provided that
calling- and called-line numbers are transmitted in the signaling.
A mobile-network subscriber on MSC can be identified through

- MSISDN (mobile subscriber ISDN number),
- IMSI (international mobile subscriber identification) or
- IMEI (international mobile equipment identity).
Active monitoring in intelligent networks. The following features are supported:

- NTS (Number Translation Services)
- FPH (Freephone)
- PRM (Premium Rate)
- UAN (Universal Access Number)
- VPN (Virtual Private Network Services) Number Portability Services
- LNP (Local Number Portability)
16/185
A30828-X9410-B082-35-7619

Issue 35
- SNP (Service Number Portability)

- VCC (Virtual Card Calling)
- PCS (Personal Communication Services)
- PPS (Prepaid Services)
Monitoring of special features, e.g. call diversion and malicious-call identification.
Clandestine functioning. LI works without being noticed by subscribers and telephone company
employees, even NE administrators. The only persons aware of it are LIOS personnel and LEA
officials.
Siemens Monitoring Center (MC). This is a comprehensive system offered to law enforcement
agencies; it takes over most of the monitoring work from them, i.e. receiving, processing, evaluating
and storing of intercepted information.
A30828-X9410-B082-35-7619
17/185

Issue 35
2.2
LIOS
While the LI feature covers the overall concept of lawful interception, LIOS deals with its administration
and the forwarding of intercept-related information. The intercepted information itself (call content) does
not reach LIOS; it is routed by the NE directly to the appropriate law enforcement monitoring facility
(LEMF).
LIOS embedding in different networks
LIOS can access different switch types and versions, even of different makes, at the same time. This
allows LI administration (= observation handling) from one uniform GUI.
Active monitoring in fixed and mobile (wireless) networks
This covers PSTN (Public Switched Telephone Network), GSM (Global System for Mobile
Communications) and NGN (Next-Generation Network).
Next-Generation network
LI administration
IRI records and alarms

LI admin.
Mobile
switch
IRI records
IRI records and
alarms
LI admin.
Mobile
network
HI2
(IRI records)
Fixed
network Fixed-
NGN switch
Target of
interception
HI3
HI3
Target of
interception
HI3 (Communication content)
network
switch
Target of interception
LEMF
Figure 2-2: LIOS network configuration for monitoring of fixed, mobile and next-generation networks
(example)
Roles assumed by LIOS

LI administration
IRI mediation
IRI record routing
Alarm handling
18/185
Activation, deactivation and modification of interception measures

and management of switch and LEMF interfaces.
IRI delivery in the types and formats requested by LEMFs.

IRI records are received from switches and routed to LEMFs.
Alarm messages received from switches are forwarded to the
personnel concerned.
A30828-X9410-B082-35-7619

Issue 35
Monitoring of Internet traffic and e-mail

This is done through a passive tapping solution: data collectors (combined in groups) are placed at
several locations and the relevant data is extracted by means of IP triggers (filters) and passive taps (see
Figure 2-3). The data is transferred to a mediation device and routed to the LEMF (LIOS is not involved in
routing of the intercepted data). A LIOS operator specifies IP triggers, which are configured on data
collectors via a mediation device.
Passive tap
IP network
Data
collector
LI administration
LI admin.
Communication
content
HI2/HI3
Mediation device
LEMF
Figure 2-3: LIOS network configuration for Internet and e-mail monitoring (example)

LI administration
Alarm handling
A30828-X9410-B082-35-7619

and management of mediation device and LEMF interfaces
Alarm messages are collected from MDs and forwarded to the
personnel concerned.
19/185

Issue 35
LIOS acting as an umbrella system

To allow uniform LI administration in heterogeneous networks, LIOS functioning as an umbrella system
can be combined with interception operation systems of other manufacturers (foreign OS). The
advantages of LIOS can be made use of throughout the network. Figure 2-4 shows LIOS accessing
different hosts in different ways. Some hosts (e.g. Siemens EWSD) are accessed directly, others via a
foreign OS (e.g. Nortel switches via KCC Lawful Interception Manager (LIM)).
LIOS acting as an
umbrella system
LI admin. and HI2*
HI2
HI2*
LI admin. and HI2
Foreign interception
operation system
LI admin. and HI2
LEMF
HI3
HI3
HI3
* mutually
exclusive
HI2 routes
Telecommunications network
Figure 2-4: Network configuration with LIOS as an umbrella system (example)

LI administration
IRI mediation
Umbrella function
20/185

IRI records are received from foreign LI management systems and
routed to LEMFs.
Provision of a uniform GUI to LI personnel
A30828-X9410-B082-35-7619

Issue 35
Active monitoring in intelligent networks

In an intelligent network (IN), switching and the services of a communications network are performed
separately: by service-neutral switching nodes (Service Switching Points, SSPs) and by a central service
control node (Service Control Point, SCP), respectively. The IN@vantage platform includes special
services for prepaid telephony, the integration of third-party services and provisioning of virtual private
networks. LI administration covers both the IN@vantage switch and the Fixed network/NGN switch.
HI2
LEMF
LI admin.
LI admin.
Alarms
IRI records and

alarms
HI3
IN network
IN@vantage
INAP
Fixednetwork
NGN switch switch
Figure 2-5: Active monitoring in intelligent networks

Note: INAP (Intelligent Network Application Part) is the Interface between SCP and SSP

LI administration
IRI mediation
IRI record routing
Alarm handling
A30828-X9410-B082-35-7619

and management of switches (Fixed network, NGN, IN@vantage)
and the LEMF interfaces.
IRI delivery in the types and formats requested by LEMFs.

IRI records are received from switches and routed to LEMFs.
Alarm messages received from switches (Fixed network,
NGN and IN@vantage) are forwarded to the personnel
concerned.
21/185

Issue 35
Monitoring of enterprise networks (PBX Siemens HiPath)

LIOS is the system-integrated lawful interception solution for Siemens HiPath. It deals with the
administration of interception measures and the generation and forwarding of IRI records. The
communication content lines are managed by LIOS, but the communication content itself does not reach
LIOS; it is routed from the HiPath switch directly to the respective law enforcement monitoring facility
(LEMF).
HI2
LIOS-HP
LI-BASE
CAP
HI3
LEMF
CAP PC
CSTA
HiPath
HI3
HiPath
CSTA
Figure 2-6: LIOS network configuration for PBX monitoring (example)

LIOS-HP communicates with switches and manages LI through LI-BASE and CAP (common
administration platform). LIOS-HP, LI-BASE and CAP run on the same machine, the CAP PC. For the
communication with switches, CSTA is used.

LI administration
IRI record generation and routing
(HI2)
Management of HI3 interface
2.2.1
IRI records are generated based on the interception event

information received from switches and sent to LEMFs.
LIOS invokes the duplication of the content of communication
and its routing to LEMFs.
LIOS general features
LI administration (= observation handling).

Simultaneous handling of different NE types. LIOS can simultaneously handle NEs of different
types and versions and belonging to different providers (network operators). LIOS normally accesses
NEs directly, for some NE types an umbrella solution with foreign OSs is recommended.
IRI record routing. LIOS receives IRI records from NEs or foreign OSs and routes them to LEMFs; a
record of receipt and delivery is kept in the LIOS database.
LIOSLEMF IRI interface. IRI records are transferred to LEMFs through the LIOSLEMF IRI
interface, which is a Handover Interface Port 2 (HI2 for intercept-related information) according to
ETSI. It meets all requirements laid down in the ETSI Standard ES 201 671 V2.1.1 (2001-09). The
LIOSLEMF IRI interface can be readily adapted to meet national requirements. It includes the
delivery and, if required, conversion of IRI records (to meet technical and national requirements).
IRI record conversion. If a LEMF requests IRI records in a format different from the one provided by
a switch directly or via a foreign OS , IRI record conversion is possible. LIOS can convert IRI
records into different formats, e.g. ETSI V2.1 format (i.e. according to ETSI Standard ES 201 671
V2.1); also conversion into ASCII format is possible. In case of Siemens hiQ 4200/8000 switches,
22/185
A30828-X9410-B082-35-7619

Issue 35
LIOS converts CALEA-compliant CDC messages to ETSI-compliant IRI records. LIOS can handle filenaming methods according to ETSI and country-specific requirements.
Communication with NEs and foreign OSs from a command console for diagnosis and troubleshooting purposes.
LI database synchronization. If the LI database of an NE or a foreign OS on the one hand and the
LIOS database on the other are out of step, they can be automatically synchronized.
Summary suspension of interception measures on NEs or foreign OSs. If an NE or a foreign OS
is overloaded or needs servicing or upgrading, LIOS can summarily suspend (= temporarily cancel) all
interception measures created there. Once the NE or foreign OS is available again, LIOS can
automatically restore all interception measures (resume).
Convenient graphical user interface. Web applications for all LIOS users (MS Internet Explorer).
Various filters support information retrieval. Wizards within applications lead the user through the
steps of standard working procedures. A comprehensive online help is provided.
Security. To prevent misuse, LIOS has been supplied with powerful security features, e.g. a
sophisticated user role model, encryption technology, comprehensive logging, security hardening, IP
Sec and security certificates.
Automatic handling of expired passwords. For the communication with NEs, passwords are
needed. Some of these passwords expire after a certain time. LIOS automatically replaces an expired
password with a new one (cyclic password exchange).
EFDs (event-forwarding discriminators) are used for the automatic sending of IRI records and alarms
from some NE types (Siemens EWSD/hiE9200) to the LIOS server. EFDs concerning lawful
interception can be set up and administered on NEs from LIOS directly, through a Q3 interface.
Not all NE types and foreign OSs support all features listed here.
2.2.2
LIOS components
LIOS
Remote LIOS clients
IRI records
IP/ISDN/X.25
IRI-records
E-mail, CD, floppy . . .
LIOS server
IP or IP/ISDN
LEMF
LAN
PSTN/NGN
IRI records
IP/ISDN/X.25
Call content
LI admin
LIOS server
LIOS client
Intercepted object
NEs
Figure 2-7: LIOS components and connections

LIOS server
The LIOS server maintains the connection with the telecommunications network and houses the LIOS
database. It communicates with NEs and also foreign OSs (see Figure 2-4), receives IRI records from
A30828-X9410-B082-35-7619
23/185

Issue 35
NEs and foreign OSs and routes them to LEMFs. If the connection to a LEMF is broken, IRI records can
be delivered by e-mail, CD or floppy. The LIOS server acts as a Web server for LIOS clients and
accommodates all LIOS user software. The LIOS server is always set up in a high-security area.
Owing to its scalable architecture, LIOS can be configured to fit network size. If a network has a great
number of NEs, more observations can be set up and more IRI records must be expected. LIOS servers
can be added to cope with the extra load and to keep system performance high. How far LIOS can be
expanded also depends on the number of ports on NEs and the type of connection.
LIOS clients
LIOS users work on LIOS clients. LIOS clients are regular PCs with standard software and a Web
browser. LIOS users log in on a LIOS client, and communicate with the LIOS server from a Web browser
through HTTPS; the data entered by the users is processed by the LIOS server.
Depending on the needs of a network provider, LIOS clients can be set up within the LIOS high-security
area (centralized) or they can be set up anywhere remote (decentralized). This means that LIOS users
can work hundreds of miles away while security is still maintained (owing to user authentication and
HTTPS).
LIOS standard system and LIOS single system
In a LIOS standard system, servers and connections are duplicated (redundancy concept) if one fails,
the other can take over (hot standby). On customer request, LIOS can be supplied as a single system
(only one LIOS server) although at the expense of reliability.
2.2.3
LIOS interfaces
For optimum integration of LIOS in a telecommunications network, several external interfaces are
provided.
Remot
LIOS
Externa alarmin
throug PIMS
LIOS
Cloc
E-mai
SMS
GU
GPS radio
DCF7
NTP
GU
Externa
Operato
HI
EO
LE M
INI
INI
INI
INI
INI
INI
INI
INI
Foreign interception
operation system
NE
Mediation
24/185
IN
NE
A30828-X9410-B082-35-7619

Issue 35
Figure 2-8: LIOS with external interfaces
Interfaces to LIOS clients (see LIOS clients in Chapter 2.2.2)
Interfaces to LEMFs, NEs, Siemens Mediation Devices, IN@vantage and foreign OSs (see
Chapter 2.2.1, LIOS general features)
The external operator interface (EOI) is a command line interface enabling external LI operators to
access LIOS and to manage LIOS functions. The communication protocol used is HTTPS. An
external operator can work with a graphical user interface of another manufacturer or with a
command-line tool.
External alarming through PIMS (Protocol-Independent Messaging System). Systems like LIOS
often operate in a closed area without anybody near. This makes alarming especially important. Apart
from that, it can be useful for LEA personnel to be informed about LIOS activities.
Through PIMS, personnel in charge can be alerted any time and anywhere by SMS or e-mail.
Alarms can be classified according to subject and importance. PIMS can be configured to forward
alarms of different types to different recipients and to use a specific service (SMS or e-mail) for each
recipient. If a recipient wishes to be alerted by e-mail instead of SMS or vice versa, this can easily be
changed, without LIOS being affected.
Time synchronization by means of NTP (Network Time Protocol) or a DCF77 or GPS radio clock. All
LIOS machines receive the same time. NEs and foreign OSs can have different times they are not
synchronized.
2.2.4
Data safety
In a standard LIOS system, LIOS servers and connections are duplicated if one fails, the other can
take over (see LIOS standard system and LIOS single system in Chapter 2.2.2).
LIOS is always equipped with a software RAID; on request, a hardware RAID can be provided.
The LIOS database is synchronized with the databases of NEs and foreign OSs, either automatically
on a regular basis or triggered by hand (not for all NE types).
Watchdog feature: prematurely terminated processes are automatically restarted.
In case the connection from the LIOS server to a LEMF breaks, an alternative way of delivering IRI
records to the LEMF (e.g. through e-mail, CD-ROM or floppy disk) is provided.
Alarms issued by NEs (not of all types) and by LIOS provide information about irregularities (see
Chapter 3.10).
If an NE is unable to send IRI records to LIOS (e.g. because of a connection break), it writes them to
an IRI record buffer file, which can be retrieved by LIOS as soon as the connection has been reestablished, or through another connection. (This feature is available for Siemens EWSD/hiE9200.)
2.2.5
LIOS user roles
A role is assigned to each LIOS user. Each role operator, supervisor and administrator entails its
distinct rights and duties. This renders misuse very difficult and guarantees optimum security and
secrecy.
The difference of user rights and duties is also reflected in the user documentation there is a separate
manual for each user role. Users will not know the details of the work related to the other user roles; apart
from that, they will not be lumbered with information irrelevant to their work.
Remark about LIOS user roles. Customers requirements differ from country to country. Therefore, in
practical operation, not all persons working with LIOS have to exactly fit in one of those user roles. For
instance, the rights related to all three user roles can be given to a privileged person, or the rights of LIOS
operators can be divided among several types of LIOS operators.
A30828-X9410-B082-35-7619
25/185

Issue 35
LIOS operator
LIOS operators are responsible for the handling of interception measures (LI administration) and
occasionally also of LEMF data (e.g. creating or modifying LEMF objects). They are alerted to
irregularities by a comprehensive alarming system. They can communicate with NEs and foreign OSs
from a command console for locating the origin of possible system misbehavior and for providing a
remedy. If entitled to, they can also temporarily cancel (suspend/resume) all observations set up on an
NE (or foreign OS) or remedy LI database discrepancies. The scope of work of the individual operator will
depend on the rights assigned by the LIOS administrator. LIOS operators work under the supervision of a
LIOS supervisor.
LIOS operator tasks can also be performed by external operators (see Chapters 2.2.2 and 2.2.3).
For reasons of security, LIOS operators can be organized into operator groups (each operator has to be a
member of one or several groups). Observations belong to the group, observation-related alarms (group
alarms) are conveyed to the group. Every action, however, is logged individually.
Different rights can be given to different groups. For instance, a selection of NEs can be accessed by one
group, another selection by another, as is shown in the following figure.
Operator
A
Operator
B
Operator
C
Operator
D
LIOS user group X

NE 1
NE 2
NE 3
LIOS user group Y

NE 4
NE 5
Figure 2-9: LIOS operation model with operator groups

If a LIOS operator wishes to take over an observation from another group, a password is needed.
LIOS supervisor
As a safeguard against misuse, the LIOS supervisor inspects actions of LIOS administrators and
operators and surveys all data traffic to and from NEs, foreign OSs and LEMFs. A LIOS supervisors work
is assisted by alarms, logs and powerful tools for their handling. He is responsible for deleting sensitive
information (e.g. log entries concerning expired observations) after a certain time.
If connection problems hinder IRI record transfer to a LEMF, the LIOS supervisor can invoke re-sending
attempts or, if this also fails, he can initiate IRI record delivery by an alternative way (e.g. e-mail, CDROM or floppy disk).
LIOS administrator
The LIOS administrator manages LIOS users and LIOS operator groups; this includes the apportionment
of rights. He is responsible for the administration of the entire LIOS system and of the connections to
NEs, foreign OSs and LEMFs; this also includes the setting up of EFDs (event-forwarding discriminators)
on NEs of certain types. The LIOS administrator has several means of trouble-shooting, e.g.
communicating with NEs and foreign OSs from a command console. He has to react to alarms received
from NEs and foreignOSs.
26/185
A30828-X9410-B082-35-7619

Issue 35
3 Working with LIOS

The LIOS client is a PC with MS Windows operating system.
You can access LIOS functions from a Web browser Internet Explorer (version 5.5 or higher). Start the
Web browser, move the mouse pointer to the URL line and type the URL of one of the LIOS servers in
your LIOS:
https://<LIOS server>/lios
For <LIOS server> you can enter the name or the IP address.
Save the URL of the default LIOS server as home page and that of the other as bookmark. When
prompted, enter your LIOS user ID and password. The LIOS main page is displayed.
If your password has expired, enter the old password and a new password, and then confirm the new
password.
If the LIOS client is connected to the LIOS server through an ISDN link, ensure that the link is up. For
details consult the Sun Solaris and the Windows XP documentation.
3.1 The LIOS GUI

Notice regarding Web browser handling
For opening a new LIOS window, always use the Open new browser command (navigation menu). Do
not use commands and shortcuts provided by the Web browser.
If it is necessary to return to a previous LIOS page, please use the appropriate command provided on
the LIOS GUI (Back command in the application commands bar or Previous, Cancel and Close push
buttons). Do not use the Back command provided by the Web browser (tool bar or right mouse key).
Exception: To navigate through LIOS online help pages, you may use the Back command of the Web
browser.
For updating the screen content, select Refresh from the application commands bar or select the Refresh
icon (
).
Notice regarding pop-ups

LIOS also uses pop-ups to communicate with the user (e.g. the prompt window of the MML console).
Make sure that the Web browser you are using allows pop-ups from the LIOS server.
3.1.1
The LIOS main page
The LIOS main page is made up of header, navigation menu, application commands bar and work area.
A30828-X9410-B082-35-7619
27/185

Issue 35
Header
Application
Commands
bar
Navigation
menu
Work
area
Figure 3-1: LIOS main page organization
3.1.1.1 Header
The header in the top section of the LIOS main page shows you under which LIOS user role and name
you are logged in. To log out properly, click on the Logout command. The word Online on the right
informs you that the connection to the LIOS server is active.
The header also shows your current position on the LIOS website, i.e. which LIOS application and subapplication is open.
On the right there are two fields that show the range of records (size of record set) that has been read
from the database. You can specify the size of a set of records in the Filter form, Maximum number of
rows pull-down list.
The commands on the right have the following effects:
Count. The total of records is calculated and displayed in a separate window.
! (left arrow). The previous set of records is read from the database.
" (right arrow). The next set of records is read from the database.
(arrow back to first page). The records of the first page are retrieved from the database.
Functioning of Next " and Previous !
Since there may be a great amount of data to be read (loaded) from the database, which can take
some time, you have the option to specify how many data records should be read at a time (see
3.1.3.1, maximum number of rows).
Next and Previous start a new database query, through which the next or previous set respectively is
read from the database, following the sorting order specified. Since the data contained in the database
may have changed since the last query, the set of records read may not be exactly adjacent to the set
of records last read.
An example should illustrate this. You have specified that the 30 newest data records should be read
(Filter form, Maximum number of rows pull-down list). After some time you press Next, intending to
view the next 30 data records. The 30 data records next to the newest 30 data records are read from
the database. If, however, in the meantime new records have been written to the database, these new
records are now considered by the system as part of the 30 newest records. Consequently data
records that were then among the 30 newest but are no longer so will be displayed again.
28/185
A30828-X9410-B082-35-7619

Issue 35
3.1.1.2 Navigation menu

The navigation menu on the left lists the LIOS applications and sub-applications available for the user
logged in. To start an application or sub-application, click on the respective menu item. The application
data will be displayed in the work area, application-specific commands will be available.
The choice of applications reflects your LIOS user role (operator, supervisor or administrator) and the
scope of the LIOS system you are working with. If applications described here are not available to you,
they are not part of your LIOS system or you have not been given authorization to work with them.
Open new browser. A new LIOS main page is opened in another instance of the Web browser. In
this way you can have each LIOS application open multiple times. For each such application instance
a filter can be defined. So you can work with LIOS from several Web browser instances at the same
time, you can even have the same application open several times, thus viewing the application data in
different ways. You can store one of these filter settings for each LIOS application for later use.
Change password. A form appears where you can change your LIOS user password. You have to
know your password (old password) before you can change it. Type the new password into the New
password and the Confirm new password input fields.
Help. General help is provided.
About. Information about LIOS program version, licence, copyright and configuration mode is
displayed.
3.1.1.3 Application commands bar
The application commands bar contains application-specific commands, a link to a filter, and general
commands like Refresh, Print, Export and Help, which are available in every application. The latter are
described here.
General application commands
Refresh. The data is read from the database and the table is updated.
Print. A printer-friendly HTML page reflecting the data currently displayed is generated. A Print form is
displayed where you can edit printing options and start the printing operation.
Export. According to the result of filter setting records are exported as a text file in CSV (commaseparated values) format; this means, commas are used as separators (field delimiters). If no filter is
used all records from database will be exported to a maximum number of records. The maximum
number is specified in the LIOS properties file and can be changed by the Administrator. If a
parameter of a record has no value, the field remains empty. Empty fields are rendered through two
consecutive commas. (Also TXT format with tab stops as separators is supported.)
Exporting data does not mean removing it from the LIOS database.
If after exporting you import the data in a spreadsheet application (e.g. MS Excel), it should
automatically be presented as a table. If this is not so (e.g. all data crammed into one column), it
means that the spreadsheet application expects another separator (field delimiter) than the one
provided with the exported data. Remedy: Change the separators in the spreadsheet application (for
MS Excel: Data/Text to columns) or in the Windows settings (Windows Control Panel->Regional
Options->Numbers->List Separator). If you think that LIOS should generally provide a different
separator, you can change the export format (see 4.16).
Help. Application-specific online help is provided.
3.1.1.4 Work area (table)
The work area is normally occupied by a table, which contains the records that are managed through a
particular application.
It is also used for the display of wizard pages and of error, warning and information messages.
A30828-X9410-B082-35-7619
29/185

Issue 35
Table handling
To perform an action on a single record, select the appropriate icon in the Actions column on the right. To
find out the meaning of an icon, move the cursor to the icon; an explaination will appear in a text bubble.
To view the details of a record, select the ID (hyperlink) in the first column.
To perform an action on more than one record, select the checkboxes on the left and then choose the
appropriate command from the application commands bar at the top.
For reasons of ergonomics and system performance, the table contents are not automatically updated. If
the data kept in the database has changed, the Refresh icon ( ) appears at the bottom left. To update
the table contents, click on the Refresh icon or select Refresh from the application commands bar. (Do
not use the refresh functions provided by the Web browser itself.)
Quick sorting: If you click on a column heading, the table is sorted by the content of this column, in
ascending order; this is indicated by an upward arrow ( ). If you click on the same column heading again,
the table is sorted by the content of the column in descending order (downward arrow ). Quick sorting
does not work with all columns.
Generation time information: Below every table there is a line telling you when the data was read from
the LIOS database and the table was generated (Generated on: <date> <time>) scroll down if
necessary.
Leaving the LIOS system. To log out properly, click on the Logout command in the header.
3.1.2
Wizards, input forms and output forms
A wizard is a sequence of forms that leads the user through the steps of data input.
Read-only fields
Read-only fields look the same as regular fields. It is possible to copy the content of a read-only field to
the clipboard (copy/paste). If a form serves only to view data, all fields are read-only.
Hyperlinks ()
Some output fields are equipped with a hyperlink () to detailed information. If you, for instance, click on
an arrow next to a LEA name field, details of the LEA are displayed.
3.1.2.1 Shifting items between lists
Figure 3-2: List form example

To shift items between the lists, use the arrow push buttons:
30/185
>
Selected items are shifted to the right.
>>
All items are shifted to the right.
A30828-X9410-B082-35-7619

Issue 35
<
Selected items are shifted to the left.
<<
All items are shifted to the left.
You can select more than one item from a list by using the mouse in combination with the Ctrl and Shift
keys.
Ctrl: Selection of more than one item.
If you select an item while you are holding down the Ctrl key, the item will be selected in addition to the
items selected already. If you click on a selected item while you are holding down the Ctrl key, the item
will be unselected.
Shift (!): Selection of a range of items.
Select one item, then hold down the Shift key and select another item. The two items including the range
between them will be highlighted (selected).
3.1.2.2 Push buttons
Previous. The previous page of a wizard is displayed. The data you may have entered in the current
page is preserved.
Next. The next page of a wizard is displayed; make your input first.
Finish. The Finish button appears in a single input form and in the last page of a wizard. Your input is
accepted and the form is closed.
OK. Your input is accepted and the form is closed. The OK button appears in some forms.
Refresh. The content of the form is updated.
Close. The form is closed. The Close button is provided when no input is possible, e.g. in connection
with a View command.
Cancel. Your input is discarded and the form is closed
Help. Online help is provided
3.1.3
Working with filter forms
LIOS provides various filter forms to support information retrieval. In this section general filtering functions
(i.e. functions that are common to most LIOS filter forms) are presented and explained. Applicationspecific fields are dealt with together with the respective applications.
3.1.3.1 General filtering functions
Figure 3-3: Filter form: top section

Time frame. Period of time, including the present moment, when data records were created.
From To. From <date> <time> and To <date> <time> mark the beginning and the end respectively
of the time period when data records were created.
Input format: generally dd.mm.yyyy and hh:mm:ss, but there is a high input tolerance.
For details about filtering by date and time, see 3.1.3.2.
A30828-X9410-B082-35-7619
31/185

Issue 35
The main section of a filter form contains application-specific fields.
Figure 3-4: Filter form: bottom section

Order by. Records are sorted according to the column name you select.
Ascending/descending. Radio buttons. Records are sorted in ascending (A -> Z) or descending
(Z -> A) order.
Maximum number of rows. Specify how many records will be loaded from the database at a time
(see also Functioning of Next " and Previous ! in Section 3.1.1.1).
3.1.3.2 Filtering by date and time
To filter by date and time you can do the following:
Select a time frame or
Specify a beginning (From) point and an end (To) point or
First select a time frame and then edit beginning or end point.
Time frame in this context always marks a time period that includes the present moment.
Possible time frames are today, today & yesterday, this week, this week & last week, this month,
this month & last month, this quarter and this year.
If you select a time frame, the From and To input fields are automatically adapted (the To input fields
remain empty because, naturally, the time frames provided go beyond the present moment). You can
however refine the filter settings by editing the values of the From and To fields.
If you wish to include all items up to a certain point of time, fill in the To fields and leave the From fields
empty.
If you wish to include all items not older than a certain point of time, fill in the From fields and leave the To
fields empty.
Flexible input format
Generally speaking, the input format is dd.mm.yyyy and hh:mm:ss. There, however, is a considerable
input tolerance e.g. if your input is incomplete, it is automatically completed to agree with your
presumable intention.
Input made by the user
Completion made automatically
Time, but no date.
The current date is automatically inserted.
Date, but no time

in the From fields: The time is automatically set to 00:00:00.
in the To fields: The time is automatically set to 23:59:59.
Date has only one value.
The value is recognized as a day number in a month

the current month and year are automatically inserted.
Date has two values (separated

by a delimiter).
The values are recognized as day and month numbers

the current year is automatically inserted.
Time has only one value.
The value is recognized as an hour minutes and
32/185
A30828-X9410-B082-35-7619

Issue 35
seconds are automatically set to 00.

Time has two values (separated
by a delimiter).
The values are recognized as hour and minute numbers

seconds are automatically set to 00.
Date and time without leading

zeros.
Leading zeros are automatically inserted.
Delimiters:
The delimiters (separators) used by LIOS itself are dots (.) for the date and colons (:) for the time.
However, you can also enter other delimiters (? / , . ; : - _ \) or leave a space, only within a field the
delimiter must be the same.
In the Maximum number of rows pull-down list you can specify how many records will be loaded from the
database at a time.
3.1.3.3 Filter push buttons
Finish. Your input is accepted and the form is closed.
Reset. The filter is reset, which means that the default settings are applied.
Load. Filter settings that have been saved are activated.
Save. For each LIOS sub-application, you can save personal filter settings. To activate saved filter
settings, press Load.
Cancel. Your input is discarded and the filter form is closed.
Help. Online help is provided.
3.1.4
IP address verification
An IP address (Internet Protocol address) is a unique number, similar in concept to a telephone number,
used by network devices (routers, telecom switches, computers, time-servers, ...) attached to a network
to refer to each other when sending information through a LAN (Local Area Network) or a WAN (Wide
Area Network) or the Internet for example. IP version 4 (IPv4) is the current standard protocol for the
Internet. IP addresses consist of 32 bits (for more details see RFC 791). IPv4 addresses are commonly
expressed as a dotted quad: four octets (8 bits) separated by dots. LIOS supports IP version 4 and the IP
address classes A, B and C. IP version 6 will also be supported by LIOS, but no application is available at
present. Some IP addresses are used for multicast, broadcast or loopback traffic. These IP addreses can
not be used for switch and LEA configuration and will be checked by LIOS:
"
224-255.x.x.x not allowed
"
127.x.x.x not allowed
"
127.0.0.1 allowed
3.2 User Administration

The LIOS User Administration enables you to
manage LIOS users
give each LIOS user a particular user role: administrator, supervisor and operator
assign user rights to LIOS operators
assign LIOS operators to operator groups (Groups sub-application)
activate external alarming (PIMS) for individual LIOS users
LIOS users have to assume one of the following user roles:
LIOS administrator,
LIOS supervisor,
LIOS operator.
A30828-X9410-B082-35-7619
33/185

Issue 35
As an optional feature, LIOS makes it possible to integrate external operators, who can access LIOS
through an external operator interface. The user administration for external operators is the same as that
for LIOS operators.
LIOS operators can be organized into LIOS operator groups; observations and group alarms belong to a
LIOS operator group and not to an individual operator. Also the authorization for the communication with
NEs and OSs through MML is given to LIOS operator groups (see NE user IDs in Section 3.4.7).
When you start the User Administration, the data displayed reflects the default filter settings. If you wish
to see another selection of data, select the Filter command from the application commands bar. A filter
form appears, where you can specify criteria for the data to be displayed.
Figure 3-5: User Administration

Application commands
New user. The user data wizard (see 3.2.2) is started, where you can enter the data for the new user
to be set up.
A LIOS operator with observation manager rights must be made a member of all operator groups.
Delete users. Selected users are deleted.
Before you can use this command, you must select one or more user records. Records will only be
deleted upon confirmation.
If a LIOS operator still has observations assigned to him, a message is displayed to this effect, but
deletion is nevertheless possible observations belong to the LIOS operator group and not to the
individual operator.
A LIOS operator who has invoked suspend NE/OS server cannot be deleted before the
corresponding resume NE/OS server operation has finished.
If you are the only LIOS administrator, you cannot delete your own user record (nor can you change
your own LIOS user role).
A record of a deleted user is still kept in the LIOS database. The user name has the string _DEL_
plus a sequential number appended to it.
Filter. A filter form (Figure 3-6) is displayed, where you can specify which users should be displayed,
and define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
34/185
A30828-X9410-B082-35-7619

Issue 35
Table
The table provides you with an overview of user information; it does not contain all details. For a detailed
view, click on the user name (hyperlink) in the first column.
Table columns
User name. Name of LIOS user
Operator/External operator/Supervisor/Administrator. A check mark in the respective column
indicates the user role (an external operator is a LIOS operator who works from a system other than
LIOS).
Alarming state. A check mark means that external alarming is active for the particular user. To show
the Alarming state of an external alarm is an optional feature (depends on the LIOS license).
Actions. These actions affect only the individual record.
Modify user. The user data wizard (see 3.2.2) is started, where you can modify the user
record. The user name cannot be changed the corresponding field is read-only.
Copy user. The user data wizard is started. It contains the values of the selected user record.
You can modify these values at least you have to enter a new user name.
Delete user. The user record is deleted.
Activate/deactivate external alarming. Toggle switch. External alarming is activated or
deactivated.
3.2.1
User filter
If you wish to reduce the number of records to be displayed, you can define a filter. If a field is empty or
not selected, it has no influence on the filtering process.
Figure 3-6: User Administration user filter

User name. Only records are displayed whose names match the string entered. Wild cards (* and
?) are accepted.
Remark. Only records are displayed where a remark added matches the string entered. Wild cards
(* and ?) are accepted.
Show users:
Not deleted. All non-deleted LI users are displayed.
Deleted. All deleted LI users are displayed. A deleted users name is marked by _DEL_ plus a
sequential number appended to it.
For a description of general filtering functions (i.e. functions that are common to most LIOS filter forms)
and push buttons see 3.1.3.1.
A30828-X9410-B082-35-7619
35/185

Issue 35
3.2.2
User data wizard
To start the user data wizard, select new user, modify user or copy user.
General and security information
Figure 3-7: User data wizard general and security information

User name. Name of the LIOS user (case-sensitive). Maximum length: 25 characters. ASCII
characters.
Remark. Optional parameter. ASCII characters. Maximum length: 60 characters.
Password. Specify the password the user has to enter, and communicate it to the user.
Confirm password. Retype the password.
Checkboxes:
Change on first login. The user will have to change the password at the first login.
Password never expires.
User role
Figure 3-8: User data wizard user role

Select one of the option buttons provided, depending on the role the user is to assume.
Internal operator. LIOS operator.
External operator. LIOS operator who works from a system other than LIOS.
Supervisor. LIOS supervisor.
Administrator. LIOS administrator.
If you are the only LIOS administrator, you cannot change your own LIOS user role.
OPERATOR RIGHTS AND GROUP MEMBERSHIPS
This page is provided only for setting up operators.
36/185
A30828-X9410-B082-35-7619

Issue 35
Operator rights
Figure 3-9: User data wizard operator rights and group memberships
Other than administrators and supervisors, operators can be authorized to use only a selection of LIOS
applications. Select the appropriate checkboxes (more than one selection is possible).
LEA Administration. Administration of LEA data.
MML Handling. Sending MML commands to NEs and OS servers from the MML console application.
Observation Handling. Creation and administration of observations.
Observation Manager. Synchronizing the LIOS database with the LI database of the NE/OS server,
for aligning the LI database of the NE/OS server with the LIOS database, and for suspending and
resuming observations and LEAs (OBSGRP) on the NE/OS server.
The observation manager is an optional feature (depends on the LIOS license).
If you do not select any checkbox, the operator can still handle alarms (Alarm browser).
Operator group memberships
LIOS operators can be organized into operator groups; observations and group alarms belong to an
operator group and not to an individual operator. The operator group memberships form enables you to
assign one operator to one or more operator groups.
To assign an operator to groups, select the groups from the available operator groups list on the left and
press the > button. The names are shifted to the selected operator groups list.
LIOS operators with Observation Manager rights must be members of all operator groups.
Available operator groups. Groups of which the operator is not a member.
Selected operator groups. Groups of which the operator is a member.
How to shift items between the lists with the arrow push buttons and with the Ctrl and Shift keys is
explained in Section 3.1.2.1.
A30828-X9410-B082-35-7619
37/185

Issue 35
EXTERNAL ALARMING (optional page)
Figure 3-10: User data wizard external alarming (optional page)

Here you can specify which alarm types should be covered by external alarming. For external alarming,
the Protocol-Independent Messaging System (PIMS) is used. (See [7]; for an explanation of VIP alarms,
see 3.11.)
External alarming identifier. Identifier of the corresponding external alarming recipient. It also has to
be administered with the PIMS application.
active. Checkbox. If it is selected and an alarm of a selected alarm type has occurred, then an alarm
message is send to the PIMS application. The PIMS application sends this alarm message to a final
destination using the external-alarming identifier.
Note: If the external-alarming identifier is unknown to the PIMS application, then the state is set to
inactive and an alarm is created (no further alarms for this external-alarming identifier are sent to the
PIMS application). This means that you should check the external-alarming identifier in the PIMS
application and select the active checkbox again.
To specify which alarm types should be covered by external alarming, select the alarm types from the
available alarm types list on the left and press the > button. The names are shifted to the selected
alarm types list.
Available alarm types. Alarm types that are not covered by external alarming.
Selected alarm types. Alarm types that are covered by external alarming.
3.3 User Administration: Groups

LIOS operators can be organized into LIOS operator groups; observations and group alarms belong to a
LIOS operator group and not to an individual operator.
When you start the User Administration, the data displayed reflects the default filter settings. If you wish
to see another selection of data, select the Filter command from the application commands bar. A filter
form appears, where you can specify criteria for the data to be displayed.
38/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-11: User Administration Groups

New operator group. The group data form (see 3.3.2) is opened, where you can enter the data for
the new operator group to be set up.
If there are LIOS operators with Observation Manager rights, you must make them members of the
new operator group.
Delete operator groups. Selected operator groups are deleted.
Before you can use this command, you must select one or more group records. Records will only be
You can only delete a group that contains no operators and has no observations assigned to it.
A LIOS operator who has suspended an NE/OS server and not yet resumed it cannot be deleted.
A record of a deleted group is still kept in the LIOS database. The group name has the string _DEL_
plus a sequential number appended to it.
Filter. A filter form (Figure 3-12) is displayed, where you can specify which operator groups should be
displayed, and define sorting options.
3.1.1.3.
Table
The tables provides you with an overview of group information; it does not contain all information. For a
detailed view, click on the group name (hyperlink) in the first column.
Table columns
Group name. Name of operator group.
Remark
Modify group. The group data form (see 3.3.2) is opened, where you can modify the group
record. The group name cannot be changed the corresponding field is read-only.
Copy group. The group data form is opened. It contains the values of the selected group
record. You can modify these values at least you have to enter a new group name. If you press
the Finish button, a new group record with this data is created.
If there are LIOS operators with Observation Manager rights, you must make them members of
the new group.
Delete group. The group record is deleted.
A30828-X9410-B082-35-7619
39/185

Issue 35
3.3.1
Group filter
By setting filter criteria you can restrict the data to be displayed. If a field is empty or not selected, it has
no influence on the filtering process.
Figure 3-12: User Administration, group filter

Group name. Only records are displayed whose names match the string entered. Wild cards (* and
?) are accepted.
Remark. Only records are displayed where a remark added matches the string entered. Wild cards
(* and ?) are accepted.
Show operator groups.
Not deleted. All non-deleted operator groups are displayed.
Deleted. All deleted operator groups are displayed. A deleted group is marked by _del plus a
sequential number appended to its name.
3.3.2
Group data form
To open the group data form, select new group, modify group or copy group.
40/185
A30828-X9410-B082-35-7619

Issue 35
General information
Figure 3-13: Group data form, general information and group members
Group name. Name of the LIOS operator group. Maximum length: 25 characters.
Remark. Optional parameter. Maximum length: 60 characters.
Members of operator group
To assign users to a group, select the users from the available users list on the left and press the >
button. The names are shifted to the selected users list.
LIOS operators with Observation Manager rights must be members of all groups. If they are not, they will
lose their Observation Manager rights.
Available users. LIOS users who are not members of the group.
Selected users. Members of the group.
A30828-X9410-B082-35-7619
41/185

Issue 35
3.4 Host Administration: NEs

The LIOS Host Administration enables you to administer the communication between LIOS servers and
network elements (NEs) and the applications running on LIOS servers and NEs. For the communication
with an NE, first of all the data of the LIOS server (local) and the data of the NE (remote) must be
specified and written to the LIOS database. The same applies to application-specific address data for
each type of application to be used (e.g. MMLCM for sending MML commands, LID for receiving
tickets and NE alarms). To enter the local communication data, open the LIOS Servers sub-application;
to enter the remote communication data, open the NEs sub-application. As a matter of course, the remote
communication data must also be entered locally on the NE (by the NE administrator).
The LIOS Host Administration must be executed in accordance with the administration of NEs!
From LIOSs point of view, NEs can also be organized in NE networks. NE networks are used for the
monitoring of foreign directory numbers (FDN) and of mobile subscribers.
When you start the Host Administration, NEs sub-application, the data displayed reflects the default
filter settings. If you wish to see another selection of data, select the Filter command from the application
commands bar. A filter form appears, where you can specify criteria for the data to be displayed.
Figure 3-14: Host Administration, NEs

New NE. The NE data wizard (see 3.4.6) is started, where you can enter the data for the new NE to be
set up.
Please note: If you have set up an NE, you still have to activate it, so that LIOS can access it.
Delete NEs. Selected NE records are deleted.
Before you can use this command, you must select one or more NE records. Records will only be
You can delete an NE only if it has no observations on it (this includes LEA data).
Check connection. This function invokes to check the connection for all NEs selected in the column
NE name. In the column Connection checked the result of the connection check is indicated by
symbols. In addition date and time of the connection check is displayed as well.
42/185
A30828-X9410-B082-35-7619

Issue 35
Communication settings. The Communication Settings form (see 3.4.1) is displayed, where you can
set the timer and counter values controlling the communication and the CMISE protocol used for the
connection to NEs. The settings affect the whole LIOS system it is not possible to make separate
settings for individual NEs.
Activate NEs. When an NE has been set up, it also has to be activated so that LIOS can
communicate with it (see 3.4.2).
Filter. A filter form (Figure 3-17) is displayed, where you can specify which NEs should be displayed,
Print. A printer-friendly HTML page reflecting the data currently displayed is generated. A Print form is
displayed where you can edit printing options and start the printing operation.
Export. Records are exported as a text file in CSV (comma-separated values) format, with each line
representing one application that has been set up for the communication with the NE (see 3.4.4).
Table
The table provides you with an overview of NE information; it does not contain all details. For a detailed
view, click on the NE name (hyperlink) in the first column.
Table columns
NE name. Name of network element.
Active. A check mark (
) means that the NE has been activated; a cross (
) means that it has not.
Provider. Network provider responsible for the NE.

NE type. Type of the NE: e.g. Siemens fixed EWSD, Alcatel S12, Huawei Fixed, (see Annex 2:
LIOS supported network elements).
Version. Software version of the NE: e.g. EWSD V17, hiE9200 V3, (see Annex 2: LIOS
supported network elements).
Connection checked. State of the connection check.
Never. No Connection check performed yet
Running since <date time>. Connection check is in proggess (running). Start date and start
time of the connection check is displayed. After the check is finished the state of the
connection check will be changed. The following states are possible (not OK, OK and Check
not supported)
<date time>. Connection to the NE is not OK. Date and time of the connection check is
displayed.
<date time>. Connection to the NE is OK. Date and time of the connection check is
displayed.
Check not supported. Connection check to the corresponding NE is not supported.

Modify NE. The NE data wizard (see 3.4.6) is started, where you can modify the NE record.
The NE name cannot be changed the corresponding field is read-only.
Copy NE. The NE data wizard (see 3.4.6) is started. It contains the values of the selected NE
record. You can modify these values at least you have to enter a new NE name.
A30828-X9410-B082-35-7619
43/185

Issue 35
Delete NE. The NE record is deleted.

Reset passwords. A form is displayed where you can adjust the LI passwords in the LIOS
system to the passwords set on the NE (see 3.4.8). Only for EWSD V12 and higher, and for
hiQ/E9200.
3.4.1
Communication Settings
In the Communication Settings form you can set the timer and counter values controlling the
communication and the CMISE protocol used for the connection to NEs. The settings affect the whole
LIOS system it is not possible to make separate settings for individual NEs.
Figure 3-15: Host Administration, NEs Communication Settings

MMLCM timers
CMISE response timer (min.). Waiting time (in minutes) for a CMISE response during an MML
session. Range: 1 to 10.
MML session timer (min.). Waiting time (in minutes) before an unused MML session is canceled.
Select value from the pull-down list. Options: 5, 10 and 15 minutes
MML command timer (min.). Waiting time (in minutes) before an MML command is canceled if there
is no response from the NE. Select value from the pull-down list. Options: 5, 10 and 15 minutes.
Ticket buffer configuration (only for EWSD and hiQ/E9200)
Ticket buffer timer (min.). Time (in minutes) to elapse before LIOS checks again if a ticket buffer file
has been generated on an NE. Range: 10 to 600.
44/185
A30828-X9410-B082-35-7619

Issue 35
3.4.2
NE activation
Figure 3-16: Host Administration, NE activation

Before you can activate an NE, you must create an NE record. NE activation finally makes LIOS
communicate with the NE.
If, while activating an NE, you go beyond the number of ports covered by the LIOS license (licensed
ports), a message is displayed to this effect. Inform the license owner that a new license covering all
ports used should be obtained.
If the number of ports used exceeds the number of ports covered by the license, LIOS will still function for
a certain time (20 days, as a rule). After this, the administration of observations will no longer be possible
in the entire LIOS system unless an adequate license has been obtained.
You can deactivate an NE only
If it is not a member of an NE network,
If there are no active observations associated with it and
If it has not been suspended (Locked state). If an NE is in Locked state, observation and LEA
data associated with the NE cannot be modified in any way.
You need not deactivate an NE for modifying it e.g. adding or removing applications.
Table
The column headings Active, NE name, NE type, Port count and Locked refer to NEs, the column
headings State and Reason refer to the last initiated activation or deactivation job, whichever applies. If,
for example, the NE is marked as active (Active column with check mark) and in the State column it
says Failed, it means that the NE is active and an attempt to deactivate the NE has failed. To view the
reason for the failure, click on the hyperlink in the Reason column.
A30828-X9410-B082-35-7619
45/185

Issue 35
If an NE is in Locked state (cross in the Locked column), observation and LEA data associated with the
NE cannot be modified in any way. Locked means that Suspending, Resuming, DB Synchronization or
DB Alignment processing is active or that the NE is in DN modified state.
Activation and deactivation jobs can be in the following states:
Waiting
Processing
OK
Failed
The table at the bottom of the window shows you for each NE type how many ports are covered by the
LIOS license (licensed ports), how many have already been set up (used ports) and how many can still
be set up (free ports). If you exceed the number of ports, the current LIOS license will expire after 20
days; a message is displayed to this effect, and the expiration date is stated.
Push buttons:
Activate. The NE selected in the table is activated.
Deactivate. The NE selected in the table is deactivated.
Abort. The activation/deactivation job is aborted. You can abort a job if there is no response from the
NE.
Close. The form is closed.
If NE activation fails, a report icon appears in the Reason column. If you click on the icon, the NEs
response is displayed, which tells you the reason for the failure.
3.4.3
NE filter
Figure 3-17: Host Administration, NE filter

NE name. Only records are displayed whose names match the string entered. Wild cards (* and ?)
are accepted.
3.4.4
Export
According to the result of filter settings all records read from the LIOS database are exported (saved) in
CSV (comma-separated values) format. (Also TXT format with tab stops as separators is supported to
be configured in the LIOS properties.)
46/185
A30828-X9410-B082-35-7619

Issue 35
NE and LIOS server data is exported by application for each application set up for an NE or a LIOS
server, a separate NE or LIOS server record is exported.
You can reduce the amount of records to be exported by applying additional filter criteria.
In the form displayed, specify a directory and a file to which the data should be exported.
Export format:
When NE or LIOS server data is exported, each line in the export file corresponds to one application
record. If, for example, 4 applications have been set up for an NE, the export file will contain 4 rows
for the NE. When NE network data is exported, each line in the export file corresponds to one NE
network record.
Columns are divided by commas.
If a parameter of a record has no value, the field remains empty. Empty fields are rendered through
two consecutive commas.
3.4.5
Setting up NEs
The sequence of forms provided for setting up NEs varies by NE type. The following sections show you
the sequence for each NE type and offer you cross-references to the relevant information.
3.4.5.1 Siemens EWSD and hiQ/E 9200
1. General see 3.4.6.1
2. ETSI Network ID see 3.4.6.3
3. LI NE passwords and specific parameters (for EWSD, hiQ/E9200) see 3.4.6.4
4. Parameters for X.25 see 3.4.6.5
5. Parameters for IP see 3.4.6.6
6. Applications see 3.4.6.12
7. General application data see 3.4.7.1
8. OSI see 3.4.7.2
9. Passwords for EWSD and hiQ/E9200 FT see 3.4.7.3
10. Passwords for EWSD and hiQ/E9200 EFD see 3.4.7.4
11. NE user IDs (MMLCM) see 3.4.7.6
12. NE user ID wizard see 3.4.7.7
13. Authorization data see 3.4.7.8
14. MMLCM authorization data see 3.4.7.9
15. FT authorization see 3.4.7.10
16. FT Authorization form see 3.4.7.11
3.4.5.2 Siemens MSC
2. LI Options see 3.4.6.2
5. Parameters for IP (EWSD, hiQ/E9200, MSC SR11/SR12) see 3.4.6.6
A30828-X9410-B082-35-7619
47/185

Issue 35

8. OSI see 3.4.7.2
9. NE user IDs (MMLCM) see 3.4.7.6
10. NE user ID wizard see 3.4.7.7
11. Authorization data see 3.4.7.8
3.4.5.3 Siemens hiQ 4200 and 8000
3. Parameters for IP (hiQ4200/8000) see 3.4.6.7
3.4.5.4 Alcatel S12
6. Passwords for Alcatel S12 MMLCM see 3.4.7.5
3.4.5.5 Huawei C&C08
3. Parameters for IP and MCs (Huawei C&C08) see 3.4.6.8
3.4.5.6 Huawei GSM
3. Parameters for IP (Huawei GSM) see 3.4.6.9
3.4.5.7 Siemens IN@vantage
2. Parameters for IP (Siemens IN@vantage 3.4.6.10
3.4.5.8 Nortel (via LIM)
2. Authorization data (Nortel/LIM) see 3.4.6.11
3.4.6
NE data wizard
To start the NE data wizard, select new NE, modify NE or copy NE.
48/185
A30828-X9410-B082-35-7619

Issue 35
The NE data wizard is provided for adding, modifying and copying an NE record and setting up
applications for an NE.
NOTICE REGARDING EWSD AND hiQ/E9200:
Lower-case letters as parts of MML commands and parameters are not accepted by EWSD and
hiQ/E9200; the only exceptions are passwords.
3.4.6.1 General
Figure 3-18: NE data wizard General

Provider. Mandatory parameter. It specifies the abbreviated name of the network provider responsible
for the NE. The abbreviation for the provider name has been predefined by the national authorities. It
consists of two or three characters and is used as the first part of the LI ticket names (i.e. file names).
It enables LEAs to identify the LI tickets originating from the network of a particular provider.
LIOS V6.0 and higher versions let you enter several providers for one NE; separate entries through
commas.
(The term that normally conveys this meaning is network operator [ETSI]. Since this, however, might
be confused with LIOS operator, the term network provider is used in a LIOS context.)
NE name. Mandatory parameter. It specifies the name of the NE. It can contain 1 to 5 characters
(maximum length and allowed characters depend on the NE type); permitted characters are
uppercase characters, digits, and the following special characters: + . % # *. The NE name must be
identical with the NE name used on the NE (for EWSD and hiQ/E9200: as has been specified by the
ENTREXCHID command). If the NE name is not specified on the NE, LIOS cannot recognize the end
of MML command output data; MML commands then end with Canceled state although it looks as if
the NEs response (MML command output) text was successfully sent to the MML console.
Long NE name. Optional parameter, where you can enter a more meaningful NE name, for easier
recognition of the NE record. Maximum length: 40 characters. All characters accepted.
NE type. Mandatory parameter. Type of the NE: e.g. Siemens fixed EWSD, Siemens fixed
hiQ4200/8000, Alcatel S12, Huawei fixed, Nortel fixed (KCC LIM). Depending on the NE type selected,
further NE-type-specific parameters may have to be entered. Select the NE type from the list provided.
NE version. Mandatory parameter. Software version of the NE, see Annex 2: LIOS supported
network elements. Depending on the NE version selected, further NE-type-specific parameters may
have to be entered. Select the NE version from the list provided.
Remark. Optional parameter. Maximum length: 50 characters. All characters accepted.
Time zone. If LIOS and the NE are located in different time zones, select the time zone of the NE.
This information is needed only for :
A30828-X9410-B082-35-7619
49/185

Issue 35
a) the replay protected password feature:

The encryption of the passwords can be used for NE communication (EWSD and hiQ/E9200)
see replay-protected password, Section 3.4.7.
b) the time zone conversion for the time stamp in tickets (EWSD and hiQ/E9200):
see Section 4.17.
3.4.6.2 LI Options

For Siemens MSC, you have to specify the LI Options according to the values used on the NE:
CUG indexing activated. If CUG indexing is activated, it is used on the NE for creating observations.
If CUG indexing is to be used, the CUGs index must be administered on the NE and the
corresponding flag must be set in the LI options on this NE (to find out, start the MML console and
enter the MML command DISPLIOPT or ask the administrator of the NE). On the LIOS side, this flag
must be set and, in addition, the CUGs must be administered with the same index that has been
defined on the NE (managing CUGs belongs to the tasks covered by the LEA Administration).
Location dependant interception. Optional parameter defining whether this feature is configured on
the NE (LI option LDEPINT) or not. If location dependant interception is activated, it will be possible to
define the location where each LEA is allowed to intercept a mobile subscriber (by a set of LACs).
Note: If checked, the Location Area Code is a mandatory parameter for a LEA connected to this NE. If
not checked, then a LEA with Location Area Code, Forwarded to number country code and Call
Data Notification can not be used (See also chapter 3.8.2.2.3).
Location based interception. Optional parameter defining whether this feature is configured on the
NE (LI option LBAINT). You can select it only if Location dependent interception is selected. This
feature allows creation of an interception for a range of MSISDN numbers by usage of * or some first
digits and adding a * at the end.
ETSI signaling enabled (User to User Info). Optional parameter defining whether the ETSI signaling
is configured on the NE. The corresponding LEA must be compatible with ETSI signaling allowed by
NE. At least the same type or both must be set on NE (for LI option ETSIHI: V2-UUS1 or V2-X). SR11
and SR12 only.
ETSI signaling enabled (Subaddressing). Optional parameter (see above). (LI option ETSIHI: V2SUBADDR or V2-X). SR11 and SR12 only.
3.4.6.3 ETSI Network ID
50/185
A30828-X9410-B082-35-7619

Issue 35
The ETSI standard on Lawful Interception also regulates in which format data has to be contained in the
IRI records. Since data is not received from NEs in ETSI format, data conversion is necessary. This is not
applicable for Siemens IN@vantage and Nortel fixed.
The network ID comprises the operator ID and the NE ID. In this form you can specify how network
operator ID and NE ID should be rendered in LI tickets.
Format here only refers to the format of the NE ID (Address) how the NE communicates with LIOS is
irrelevant in this context. Select a format and enter the NE address according to the format selected.
Operator ID. Mandatory parameter. Network operator of the NE. (The term used for network operator
in a LIOS context is normally network provider.)
Maximal length 5 characters;
Accepted input: a..z, A..Z, 0..9 and %.#*+"!$()<>,_/-?:;=&.
For Huawei fixed:
Maximal length 5 characters;
Accepted input: decimal digits (0-9) and the two special characters #, *.
NE ID. The fields in the NE ID section are optional.
Format. Format here only refers to the format of the NE ID (Address) how the NE
communicates with LIOS is irrelevant in this context. Select a format (E.164, X.25, IP or DNS)
and enter the NE address accordingly. Which formats are actually available, also depends on the
NE type.
Address. Enter the NE ID as it should be output in ETSI-format tickets.
E.164. Number in international format (= country code + LAC + DN). Input depends on the
settings in the lios.properties configuration file:
Decimal digits, 46 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 0 and
TicketRouter.ETSI_AddHeader = 1) or
Hexadecimal digits, 50 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 1 and
TicketRouter.ETSI_AddHeader = 0).
X.25. DTE address in international format. Input depends on the settings in the lios.properties
configuration file:
Decimal digits, 46 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 0 and
TicketRouter.ETSI_AddHeader = 1) or
Hexadecimal digits, 50 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 1 and
TicketRouter.ETSI_AddHeader = 0).
IP. IP address; decimal numbers separated by dots (.).
DNS. DNS (domain name system) address. 25 characters max.
A30828-X9410-B082-35-7619
51/185

Issue 35
3.4.6.4 LI NE passwords and specific parameters (for EWSD, hiQ/E9200)
Figure 3-21: NE data wizard LI NE passwords and specific parameters (EWSD and hiQ/E9200)
LI NE passwords are needed for the administration of the LI function on EWSD and hiQ/E9200 switches.
LI group command password. For EWSD V12 and higher, and for hiQ/E9200. For controlling most
LI functions on the NE (creating/modifying LEAs and observations) the LI group command password is
needed. To be able to specify or modify the LI group command password, you must know the LI ID
password.
Maximum length and characters allowed depend on the NE type. For EWSD, version V13A and
higher, and for hiQ/E9200, the length has to be from 8 to 15 characters, for EWSD V12 it has to be
from 1 to 15 characters. The following characters are allowed: uppercase and lowercase characters,
digits, and special characters except ~, ^, |, \, [ and ].
LI ID password. For EWSD V12 and higher, and for hiQ/E9200. LI ID password. It is needed for
specifying or modifying the LI group command password and the audit password. The LI ID password
replaces the hard-coded LI password.
Maximum length and characters allowed depend on NE type and version. For EWSD, version V13A
and higher, and for hiQ/E9200, the length has to be from 8 to 15 characters. The following characters
are allowed: uppercase and lowercase characters, digits, and special characters except ~, ^, |, \, [
and ].
LI audit password. For EWSD V13A and higher, and for hiQ/E9200. LI audit password. It is needed
for invoking LI audit functions (e.g. DISPLIMEAS). To be able to specify or modify the audit password,
you must know the LI ID password.
Maximum length and characters allowed depend on NE type and version. For EWSD, version V13A
and higher, and for hiQ/E9200, the length has to be from 8 to 15 characters, for EWSD V12 it has to
be from 1 to 15 characters. The following characters are allowed: uppercase and lowercase
characters, digits, and special characters except ~, ^, |, \, [ and ].
52/185
A30828-X9410-B082-35-7619

Issue 35
Realized as Power Node. For EWSD version V15 and higher, and for hiQ/E9200. This information is
necessary for LIOS to determine the RPPW algorithm (see replay-protected password, Section 3.4.7).
Select checkbox if the NE is a Power Node. To find out, start the MML console and enter the MML
command DISPEXDDAT or ask the administrator of the NE.
CUG indexing activated. For EWSD switches, version V13A and higher, for hiQ/E9200. CUG
indexing is a security feature.
If CUG indexing is activated, it is used on the NE for creating observations. If CUG indexing is to be
used, the CUGs index must be administered on the NE and the corresponding flag must be set in the
LI options on this NE (to find out, start the MML console and enter the MML command DISPLIOPT or
ask the administrator of the NE). On the LIOS side, this flag must be set and, in addition, the CUGs
must be administered with the same index that has been defined on the NE (managing CUGs belongs
to the tasks covered by the LEA Administration).
Ticket buffer management activated. Optional parameter for EWSD switches, version V13A and
higher, and for hiQ/E9200. Ticket buffer management activated refers to the respective NE and not to
LIOS as a whole. Ticket buffer management means that, if LI tickets have not been sent to LIOS for
more than 24 hours because of a broken connection between the NE and LIOS, they are stored in a
ticket buffer file on the NE. As soon as the connection is repaired, the ticket buffer file is retrieved by
LIOS.
Prerequsites for ticket buffer management:
On the NE: the ticket buffer file (= ticket file in EWSD and hiQ/E9200) flag has to be set in the LI
options and a file group has to be created for the ticket buffer file, protected by a file group password.
In the LIOS system: the ticket buffer flag must be set and the FT application data must be
administered for this NE.
Since ticket buffer files are retrieved from the NE via FT (see 3.4.7), general timers and counters can
be set (see 3.4.1).
NE identification number. Optional parameter for NEs of EWSD, version V13A and higher, and for
hiQ/E9200. Value range: 1 to 65535. The NE identification number should be chosen so that it is
unique within the network. The NE identification number is not administered on the NE but it can be
specified in the parameters of an observation. If so, it is contained in the LI tickets of the observation
and it can be used by LEAs to identify the NE from which the LI tickets have originated. See also NE
identification number in LEA Administration, LEA data wizard, Observation parameters.
Do not confuse the NE identification number with the NE ID as part of the ETSI ticket parameters (see
3.4.6.3).
NE directory number. Optional parameter for NEs of EWSD version V13A and higher, and for
hiQ/E9200. It specifies a virtual NE directory number. The NE directory number should be chosen so
that it is unique within the network (it should include the local area code). This number is not
administered on the NE but it can be specified in the parameters of an LEA. If so, it is sent as a CLIP
number to the LEA when the call content is sent. The LEA can immediately identify the NE that is
connecting to the LEA equipment to send call content. 1 to 18-digit hexadecimal number; accepted
values: 0 to 9, A to F, * and #. See also CLIP DN in LEA Administration, LEA data wizard,
Observation parameters.
ETSI V2 allowed. Only for EWSD V17 and V18 / hiE9200 V3 and V3.2. Selection of the ETSI_V2
signaling schemes is allowed. The corresponding LI property must be set on the NE.
TR TKUE 40 active. Only for EWSD V17 and V18 / hiE9200 V3 and V3.2. The NE uses the German
variant of ETSI_V2. If you select this check box, also ETSI V2 signaling must be selected. The
corresponding LI property must be set on the NE.
Transport system
Specify whether IP or X.25 should be used. IP is only supported by EWSD V15 and higher, by hiQ/E9200
and by hiQ4200/8000; for hiQ4200/8000 IP is mandatory. Depending on your selection, the appropriate
input fields are provided.
A30828-X9410-B082-35-7619
53/185

Issue 35
3.4.6.5 Parameters for X.25
Figure 3-22: NE data wizard transport system/X.25

Make sure that you enter exactly the same parameters that have been specified on the NE. An incoming
connection is recognized by LIOS through the transport selector and the NSAP address.
DTE address. Data terminal equipment address. Specifies the X.25 address for routing. Mandatory
parameter. Maximum input: 14 digits if AFI is set to 36, otherwise 15 digits. If you press the Tab key
after entering the DTE address, the DTE address is automatically copied into the IDI field of the NSAP
address.
Reverse charging. Reverse charging should normally be set to Off.
This field specifies who pays for an X.25 connection. As a rule, the party who has initiated the
connection pays for it. If LIOS is operated by an organization other than the telephone company who
owns the NE, reverse charging can possibly be set to On.
NSAP (network service access point) fields
AFI. Address facility identification (enter 36 for X.25 address format, 44 for ISDN address format or 48
for local X.25).
IDI. Initial domain identifier.
DSP. Domain-specific part.
Mandatory parameters, only decimal digits are allowed. If AFI is set to 36 (NSAP for X.25), the fixed
length for the IDI field is 14 and the maximum length for the DSP field is 24.
If AFI is set to 44 (NSAP for ISDN), the fixed length for the IDI field is 15 and the maximum length for
the DSP field is 23. If AFI is set to 48, the IDI field is ignored and the maximum length for the DSP field
is 38.
Flow control negotiation. If selected, flow control negotiation will be performed before an X.25
connection is built up.
Packet size. Mandatory parameter. Maximum packet size at which flow control negotiation will start.
Default value is 1024.
Window size. Mandatory parameter Maximum window size at which flow control negotiation will start.
Default value is 7.
54/185
A30828-X9410-B082-35-7619

Issue 35
3.4.6.6 Parameters for IP (EWSD, hiQ/E9200, MSC SR11/SR12)

Only for EWSD V15 and higher, hiQ/E9200, and MSC SR11 and higher.
Figure 3-23: NE data wizard transport system / IP

IP address. IP address of the NE. The port number is automatically set to default.
3.4.6.7 Parameters for IP (hiQ4200/8000)
Figure 3-24: NE data wizard transport system / IP (hiQ4200/8000)

IP address. The NEs IP address used by LIOS for communicating with the NE.
IP port. IP port for the Web service for the NELIOS communication.
Allowed incoming IPs. IP addresses from which tickets will be sent to LIOS; separate IP addresses
with a comma. If the NE uses only one IP address for communication and for ticket sending you
can leave this field empty.
A30828-X9410-B082-35-7619
55/185

Issue 35
3.4.6.8 Parameters for IP and MCs (Huawei C&C08)

Communication parameters
Figure 3-25: NE data wizard Communication properties (Huawei C&C08)

All parameters are mandatory:
IP address. This is the IP address of the switchs LI interface.
Accepted input: IP address format (4 times 0255 separated by dots, e.g.: 155.12.0.104).
IP port. This is the IP port of the switchs LI interface. The default port is 6900.
The following two parameters are necessary for authentication:
User name. Enter a user-defined user name.
Maximum length: 25 characters.
Accepted input: 0..9, a...z, A...Z, ! ,@ ,# ,$ ,% ,^ ,& ,* ,(,) ,_ ,- ,= ,+ ,. ,< ,> ,/ ,? ,[ ,] ,{ ,} ,\.
Password. Enter a user-defined password.
Accepted input: 0..9, a...z, A...Z, ! ,@ ,# ,$ ,% ,^ ,& ,* ,(,) ,_ ,- ,= ,+ ,. ,< ,> ,/ ,? ,[ ,] ,{ ,} ,\.
Call content routing properties
Figure 3-26: NE data wizard Call content routing properties (Huawei C&C08)
Notifications and alarm messages can be sent by a Huawei C&C08 switch to up to three Huawei
monitoring centers (MC). Call content and LI tickets can be sent to a greater number of LEAs. However,
each LEA set up in the LIOS system has be associated with one of these MCs. For setting up an MC, the
following information is necessary:
56/185
A30828-X9410-B082-35-7619

Issue 35
Huawei MC0, MC1 and MC2

Call source. If an NE establishes a call content connection to a LEA, it needs to know the call source
of the corresponding monitoring center and the DN of LEA. Call source code is the number 065535.
COLP. It controls whether to perform the consistency judgment between the number sent back by the
LEA and the DN of LEA address. If you check this field, the switch will consider the monitoring facility
illegal and release the call content connection when it detects an inconsistency.
Alarm processing server. The Huawei C&C08 switch sends alarms to the LIOS alarm processing
server. LIOS then forwards alarms to the LEA and stores them also in the LIOS system as A-OIX00100 alarms. Alarms can be visible in the Alarm browser application.
In the combo box you can select which LIOS server will receive alarms for the particular MC from the
switch. The field with the IP address is read-only and is automatically filled with the IP address of the
chosen alarm server.
Authorization data
Figure 3-27: NE data wizard Authorization data (Huawei C&C08)

To give a LIOS operator group access to the NE, select the corresponding checkbox in the Access
Permitted column next to the Operator Group name. To deny access, unselect the checkbox.
The none group is always selected (you cannot unselect it); it is needed by the LIOS services.
A30828-X9410-B082-35-7619
57/185

Issue 35
3.4.6.9 Parameters for IP (Huawei GSM)
Figure 3-28: NE data wizard transport system / IP (Huawei GSM)
Transport system
The following parameters are mandatory:
IP address. This IP address is used for communication LIOSNE.
IP port. This port number is used for the communication LIOSNE.
Accepted input: 165535
The following three parameters (Huawei NE ID, User name and Password) are necessary for
authentication:
Huawei NE ID. Enter a user-defined Huawei NE ID.
Maximum length: 40 decimal digits. Accepted input: 0..9.
User name. Enter a user-defined user name. Maximum length: 32 characters.
Accepted input: 0..9, a...z, A...Z, %, ., #, *, +, ", !, $, (, ), <, >, _, /, -, ?, :, ;, =, &.
Password. Enter a user-defined password. Maximum length: 32 characters.
Accepted input: 0..9, a...z, A...Z, %, ., #, *, +, ", !, $, (, ), <, >, _, /, -, ?, :, ;, =, &.
Authorization data
permitted column next to the Operator group. To deny access, unselect the checkbox.
3.4.6.10 Parameters for IP (Siemens IN@vantage)
58/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-29: NE data wizard transport system / Siemens IN@vantage
Communication parameters
IP address. IP address used for LIOSNE communication.
IP port. Port number used for LIOSNE communication.
Accepted input: 165535.
Allowed incomming IPs. IP addresses used for NELIOS communication; separate IP addresses with a
comma. If the NE uses only one IP address for LIOSNE and NELIOS communication you can leave
this field empty.
Transaction timer (sec). Maximum time in seconds that LIOS will wait for the response to a
command sent to the switch.
Server path. HTTP context string, which will be used to create an URL for communication with the
Siemens IN@vantage switch. In the URL this string appears after the IP address and IP port.
Accepted input: a...z, A...Z, 0..9, /_.
Authorization data
permitted column next to the Operator group. To deny access, unselect the checkbox.
A30828-X9410-B082-35-7619
59/185

Issue 35
3.4.6.11 Authorization data (Nortel/LIM)
To give a LIOS operator group access to the NE, select the corresponding checkbox in the access
permitted column next to the operator group name. To take away access, unselect the checkbox.
The none group is always selected (you cannot unselect it). It is needed by the LIOS services.
Figure 3-30: NE data wizard Authorization Data (Nortel via LIM)
3.4.6.12 Applications
Figure 3-31: NE data wizard Applications

To set up an application for the communication with the NE, select an application (radio button) and press
the New button. The Application data wizard (see 3.4.7) is started, where you can enter the data for a
new application. Data that was entered for setting up other applications and that is also needed for the
new application is automatically taken over to the new form.
To modify application data, press the Modify button. The Application data wizard is started, where you
can modify data for the selected application.
To delete an application, select the application and press the Delete button. The selected application
record is deleted.
LIOS supports the following applications:
MMLCM. MML Command Management, to be configured for an NE to enable observation handling and
the input of MML commands from the MML console.
60/185
A30828-X9410-B082-35-7619

Issue 35
LID. Lawful Interception Data, to be configured for an NE to enable the NE to send LI tickets and LI-NE
alarms to LIOS. If LIOS is running in Admin mode, LID is used only for the sending of LI-NE alarms.
FT. File Transfer, to be configured for an NE (EWSD, version V13A and higher, and hiQ/E9200) to enable
LIOS to retrieve the data stored in LI ticket buffer files from the NE. Ticket buffer files contain LI tickets
that could not be sent to LIOS through the LID application, e.g. because of a broken connection.
EFD. Only for Siemens EWSD and hiQ/E9200. Event-forwarding discriminator, to be configured for an NE
to enable LIOS administrators to manage EFDs on the NE. EFDs are used to determine the primary and
the secondary LIOS server. Once EFDs have been defined, LIOS servers can receive LI tickets and LI
NE alarms.
If LIOS is running in Admin mode, EFD is used only for sending LI NE alarms.
3.4.7
Application data wizard
3.4.7.1 General application data
Figure 3-32: Application data wizard general data

Specify the application name and the primary and secondary LIOS servers for this application. In addition,
you can specify a port number of the Symicron X.25 links on the LIOS server that should be used for
outgoing connections.
Application. Application type (MMLCM, EFD, LID, FT) which you have selected on the previous page.
Primary LIOS server. Mandatory parameter. Primary LIOS server indicates the LIOS server that is
used for sending MML commands to an NE if the system is working correctly.
Secondary LIOS server. This field is automatically filled in when the data of the primary LIOS server
is entered. The secondary LIOS server refers to the pair LIOS server in a redundant system. If the
primary LIOS server is not working correctly (e.g. NE connection is broken), the secondary LIOS
server can take over. This happens automatically as far as MMLCM and EFD are concerned.
Regarding FT, switching to the secondary LIOS server has to be done by hand.
Port number for primary LIOS server. Mandatory parameter (only for MMLCM and EFD). It identifies
the port number of the Symicron X.25 link on the LIOS server that should be used for outgoing
connections (default is port 0).
Port number for secondary LIOS server. Mandatory parameter (only for MMLCM and EFD). It
identifies the port number of the Symicron X.25 link on the LIOS server that should be used for
outgoing connections (default is port 0).
A30828-X9410-B082-35-7619
61/185

Issue 35
3.4.7.2 OSI parameter
Figure 3-33: Application data wizard OSI

Enter the OSI parameters for the application with relevance to the NE: transport selector, session
selector, presentation selector and application entity title. Make sure that you enter exactly the same
parameters that have been specified on the NE.
The following selector addresses are mandatory OSI layer parameters for the NE communication via Q3
(for MMLCM, EFD and LID) or via FTAM for the FT application:
Selector editing. For FT application only. Select ASCII mode or Hexadecimal mode.
Input format for ASCII: all printable characters, incl. space.
Input format for Hexadecimal: 0-9, a-f, A-F.
You can also switch to the other editing mode if the selector fields have already been filled in the
character strings are instantly converted. (If non-printing characters are involved, switching between
editing modes may not work.)
Transport selector. Mandatory parameter. It identifies the transport layer (OSI layer 4).
Accepted input:
Hexadecimal: maximum length: 4 digits, for FT application 32 digits.
ASCII (for FT only): all characters, except blanks; maximum length: 16 characters.
Session selector. Mandatory parameter. It identifies the session layer (OSI layer 5).
Accepted input:
Presentation selector. Mandatory parameter. It identifies the presentation layer (OSI layer 6).
Accepted input:
Application entity title. Mandatory parameter for the application layer (OSI layer 7). The application
entity title uniquely identifies an application (MMLCM, LID, EFD or FT) within the system. It consists of
the application process title (mandatory, containing system title and APQ application program
qualifier, 4 digits max.) and the AEQ (application entity qualifier, optional, decimal number, 4 digits
max.).
The system title contains an object identifier consisting of decimal numbers separated by dots (.);
value range: 0 to 9999999. 10 components max, 2 components min. Value range: for 1st component:
0, 1, 2; for 2nd component: 0 to 39. Maximum lengths: 30 digits.
For the whole application entity title (system title + APQ + AEQ): 10 components max.
62/185
A30828-X9410-B082-35-7619

Issue 35
3.4.7.3 Passwords for EWSD and hiQ/E9200 FT
Figure 3-34: Application data wizard file group password

File group password / password confirmation. For ticket buffer management to work, a file group
must be created for the LI ticket buffer file. The file group password protects the file group. The file
group password must be the same for all ticket buffer file groups administered in the LIOS system.
higher, and for hiQ/E9200, the length has to be from 4 to 8 characters, with the following characters
allowed: uppercase and lowercase characters, digits, and the special characters % . # * + " ! $ ( ) < > ,
_ / - ? : ; = &. The NE password has to contain at least one letter, one digit and one special character.
3.4.7.4 Passwords for EWSD and hiQ/E9200 EFD
Figure 3-35: Application data wizard EFD NE password

EFD NE password / password confirmation. Only for EWSD and hiQ/E9200. A mandatory
parameter, specifying the password to protect the EFD application. Maximum length and characters
allowed depend on the NE type. For EWSD, version V13A and higher, and for hiQ/E9200, the length
has to be from 4 to 14 characters, with the following characters allowed: uppercase and lowercase
characters, digits, and the special characters % . # * + " ! $ ( ) < > , _ / - ? : ; = &. The NE password
has to contain at least one letter, one digit and one special character.
If you are setting up EFD, you have to specify an NE user name and a password only for LIOS group
none. The EFD application sends in a connection request only a password to the specified NE, the
NE user ID for this password on EWSD and hiQ/E9200 switches is normally MFKONTES (8
characters) or MFKON (5 characters) depending on the length of NE user names administered on the
NE.
Replay-protected password enabled. If selected, the password is encrypted to prevent replay. For
the encryption, time information is used (see time zone in Section 3.4.6). Replay-protected password
only works if the time in the LIOS system and on the NE is precisely the same this means
synchronization through a radio clock or an NTP (Network Time Protocol) server is necessary. Only for
EWSD V15 and higher, and for hiQ/E9200.
A30828-X9410-B082-35-7619
63/185

Issue 35
3.4.7.5 Passwords for Alcatel S12 MMLCM
Figure 3-36: Application data wizard access password (S12)

Access password. Mandatory parameter. Access password is used as an additional authorization to
access an Alcatel S12 switch through MMLCM. This field can have up to 8 characters. The allowed
characters are: uppercase and lowercase characters, digits, and the special characters % . # * + " ! $ (
) < > , _ / - ? : ; = &, where at least one digit must be present.
3.4.7.6 NE user IDs (MMLCM)
Figure 3-37: Application data wizard NE user IDs (MMLCM)

In this step you can administer the NE user authorization (i.e. NE user ID and password) for the
communication with the NE through the MMLCM application.
NE user ID and password can be assigned to one or more LIOS operator groups. Thus, to allow a LIOS
operator group to handle observations on the NE, provide an NE user ID and an NE password and
establish a logical connection between the LIOS operator group name and the NE user ID.
The NE user IDs form contains an entry for each NE user managed to access the NE. Pressing New or
Modify opens the NE user ID wizard, which helps you to manage NE passwords and cyclic password
changing.
A check mark in the Cyclic column means that cyclic password changing is enabled, an X means that it is
disabled.
64/185
A30828-X9410-B082-35-7619

Issue 35
3.4.7.7 NE user ID wizard
Figure 3-38: Application data wizard NE user ID

NE user ID. Mandatory parameter. It specifies the ID under which the selected LIOS operator group
will communicate with the NE.
higher; for hiQ/E9200; for MSC and for Alcatel S12, the length has to be from 4 to 8 characters, with
the following characters allowed: uppercase characters, digits, and the special characters + . % # *. All
NE user IDs managed on an NE must have the same length.
!
All NE user IDs must also be configured by the NE administrator on the NE.
First enter an NE user ID (account), then enter the password and the password options.
Password / Confirm. Password for the NE user ID. Maximum length and characters allowed depend
on the NE type. For EWSD, version V13A and higher; for hiQ/E9200; and MSC, the length has to be
from 4 to 24 characters, with the following characters allowed: uppercase and lowercase characters,
digits, and the special characters % . # * + " ! $ ( ) < > , _ / - ? : ; = &. The NE password has to
contain at least one letter, one digit and one special character.
For Alcatel S12, the length has to be from 6 to 12 characters, with the following characters allowed:
uppercase and lowercase characters, digits, and the special characters % . # * + " ! $ ( ) < > , _ / - ? :
; = &. There is no special constraint on the content of the NE password.
How to add a password: enter a password, repeat it and press the Add button; finally press OK.
How to modify a password: select the option button in the Order column; the password is
automatically copied to the Password and Confirm fields; edit the password in both fields; finally
press OK.
Replay-protected password enabled. See replay-protected password enabled, above.
Cyclic password change enabled. To enable cyclic password change, select this checkbox.
Cyclic password changing
To log in to an EWSD, hiQ/E9200, MSC or S12 switch, an NE user ID and a password are required.
The password has to be changed after some time, according to the settings of the NE.
A30828-X9410-B082-35-7619
65/185

Issue 35
Cyclic password changing lets LIOS do the password changing for you. For each NE enter the initial
password (to be obtained from the NE administrator) and at least three passwords of your own choice.
Select the Cyclic password change enabled checkbox. When LIOS receives a password expired
answer when accessing the NE, it automatically replaces the password with the next password in the
list; when it has arrived at the last password in the list, it starts again with the first one (leaving out the
initial password).
A check mark in the Valid column identifies the password that is currently valid on the NE. A checkmark in the Initial column identifies the password that was first provided by the NE administrator.
With the push button functions you can manage passwords. The Show passwords button enables
you to view the passwords.
Push buttons:
Add. The password entered in the Password field is added to the table.
Modify. The password entered in the Password field replaces the selected password.
Remove. The selected password is removed.
Set valid. The selected password will be the valid password.
Set initial. The selected password will be marked initial.
As a rule, the initial password will be the password originally provided by the NE administrator.
The initial password will be used for cyclic password changing.
Show passwords/Hide passwords (toggle button). Passwords are displayed in clear text.
Press this button before you make any modifications and hide passwords after that again.
OK. Your input is accepted and the form is closed.
Cancel. Your input is discarded and the form is closed.
Help. Online help is provided.
3.4.7.8 Authorization data
Figure 3-39: Application data wizard authorization data

The authorization data form serves to relate LIOS operator groups to the NE user IDs you have set up in
the NE user ID form.
Pressing Create or Modify opens the MMLCM authorization data form, where you can relate NE user IDs
to LIOS operator groups.
66/185
A30828-X9410-B082-35-7619

Issue 35
Since LIOS normally uses two LIOS servers, you can define two NE user IDs for each LIOS operator
group this will enable both LIOS servers to send MML commands simultaneously, which enhances
system speed.
It is recommended to use different NE user IDs for different LIOS operator groups.
Type here refers to the communication with the NE by means of MML. Single type means that only one
NE user ID has been specified for each LIOS operator group, regardless of the actual number of LIOS
servers in the system. Parallel type means that two NE user IDs have been specified for each LIOS
operator group.
If you are working with a single LIOS system (one LIOS server), you only need one NE user ID for each
LIOS operator group.
3.4.7.9 MMLCM authorization data
Figure 3-40: Application data wizard MMLCM authorization data

In this form you can establish a logical connection between NE user IDs and LIOS operator groups.
If a LIOS operator group has active observations on an NE, you cannot remove the connection of the
LIOS operator group with the NE user ID.
Operator group. Mandatory parameter, which identifies the LIOS operator group.
Each LIOS user can send individual MML commands to the NE. For this purpose the MML console is
provided. In this context, LIOS uses the group none to get access to the NE, regardless of the group
the LIOS operator belongs to. This means that you have to add an NE user ID and an NE password
also for the LIOS group none.
NE user ID. Mandatory parameter. The NE user ID is normally used for the communication with the
NE from the primary LIOS server.
Secondary NE user ID. Optional parameter. The Secondary NE user ID is normally used for the
communication with the NE from the secondary LIOS server. The Secondary NE user ID must be
different from the NE user ID.
Since LIOS normally uses two LIOS servers, you can define also a Secondary NE user ID for each
LIOS operator group this will enable both LIOS servers to send MML commands simultaneously,
which enhances system speed.
If you are working with a single LIOS system, you can leave this field empty.
A30828-X9410-B082-35-7619
67/185

Issue 35
3.4.7.10
FT authorization
Figure 3-41: Application data wizard FT authorization

In this step you can administer the NE user authorization (i.e. NE user ID and password) for FT on the
NE. NE user ID and password can be assigned to one or more LIOS operator groups. Thus, to allow a
LIOS operator group to access the NE, set up the group under an NE user ID.
If you press New or Modify, the FT authorization form (Figure 3-42) is displayed, where you can enter
LIOS operator group name, NE user ID and NE password.
If you press Delete, the selected authorization record is deleted.
You have to specify an NE user name and a password only for LIOS group none.
If a LIOS user tries to connect to an NE where authorization data for his group is not administered, he will
get the message Authorization failure contact your system administrator in the MML output form.
3.4.7.11
FT Authorization form
Figure 3-42: Application data wizard FT Authorization form

Operator group. Mandatory parameter, which identifies the LIOS operator group.
Specify an NE user ID and a password only for LIOS group none.
NE user ID. Mandatory parameter, specifying the NE user ID that is used for the selected LIOS
operator group for communication with an NE. Maximum length and characters allowed depend on the
NE type. For EWSD, version V13A and higher, and for hiQ/E9200, the length has to be from 4 to 8
characters, with the following characters allowed: uppercase characters, digits, and the special
characters + . % # *
68/185
All NE user IDs must also be configured by the NE administrator on the NE.
A30828-X9410-B082-35-7619

Issue 35
Replay-protected password enabled. See 'replay-protected password enabled' in the Passwords

section.
NE password / Confirm NE password. Mandatory parameter, specifying the password for the NE
user ID. Maximum length and characters allowed depend on the NE type. For EWSD, version V13A
and higher, and for hiQ/E9200, the length has to be from 4 to 24 characters, with the following
characters allowed: uppercase and lowercase characters, digits, and the special characters % . # * +
" ! $ ( ) < > , _ / - ? : ; = &. The NE password has to contain at least one letter, one digit and one
special character.
3.4.8
Reset passwords
Only for EWSD V12 and higher, and for hiQ/E9200.

You should not normally need this command.
If the LI database of the NE has got lost (NE in LI DB lost state), a LIOS operator with appropriate rights
can invoke the DB alignment operation, which will automatically reset the LI-specific passwords (LI
group command password, ID password and Audit password) on the NE and copy all relevant LI data
(observation and LEA data) from the LIOS database to the LI database of the NE. If all has successfully
finished, the state of the NE is automatically reset to Ready and the NEs LI database is again
synchronous with the LIOS database.
However, if the automatic reset of the LI passwords on the NE has failed or the NE administrator has
modified an LI password in the meantime which he should not do the DB alignment operation does
not work. In this case you must be informed by the LIOS operator. Reset passwords enables you to reset
the LI passwords administered in the LIOS system to the LI passwords administered on the NE.
When you choose Reset passwords, a form is displayed where you can modify the LI passwords. Ask the
NE administrator which passwords he has modified. Enter the modified password in the respective input
fields and leave the input fields for the other passwords untouched.
Figure 3-43: Reset passwords NE passwords form

Finally press OK. The passwords will be written to the LIOS database and the NE state will be changed
from LI DB lost to Suspended. Inform the LIOS operator that he should now effect Resume (instead of
DB alignment); Resume will recreate the lost LI database on the NE.
Reset passwords is only enabled if the NE is in LI DB lost state.
A30828-X9410-B082-35-7619
69/185

Issue 35
3.5 Host Administration: OS Servers

In a heterogeneous network, LIOS can be set up as an umbrella system to cover also foreign interception
operation systems (OS), e.g. LIM (Lawful Interception Manager) by KCC for accessing Nortel fixednetwork switches and Utimaco IMS (Interception Management System) for accessing Siemens GSM,
GPRS, HLR and HLRi switches.
Host Administration/OS Servers allows you to enter the OSs communication parameters for the
communication between LIOS servers and the OS servers. (To enter LIOSs communication parameters,
open the LIOS Servers sub-application; as a matter of course, the remote communication data must also
be entered locally on the OS server by the respective system administrator).
For foreign OS Servers must be performed an OS Server administration as well as an NE administration.
Figure 3-44: Host Administration, OS Servers

New OS server. The OS Server data wizard (see 3.5.1) is started, where you can enter the data for
the OS server to be set up.
Delete OS servers. Selected OS server records are deleted.
Before you can use this command, you must select one or more OS server records. Records will only
be deleted upon confirmation.
An OS server record can only be deleted if it has no NEs associated.
Check connection. This function invokes to check the connection for all NEs selected in the column
NE name. In the column Connection checked the result of the connection check is indicated by
symbols. In addition date and time of the connection check is displayed as well.
Activate/Deactivate OS servers. OS servers of certain types have to be activated so that LIOS can
create observations on them (see 3.5.2.3).
Filter. A filter form is displayed, where you can specify which OS servers should be displayed, and
define sorting options.
3.1.1.3.
70/185
A30828-X9410-B082-35-7619

Issue 35
Table
The table provides you with an overview of OS information; it does not contain all details. For a detailed
view, click on the OS server name (hyperlink) in the first column.
Table columns
OS server name. Name of the server of the operation system which is to communicate with LIOS.
Active. OS server activation information.
OS server activated.
OS server not activated.
OS server need not to be activated.
OS server type. Type of operation system.
OS server version. Version of operation system.
Connection checked. State of the connection check.
Never. No Connection check performed yet
Running since <date time>. Connection check is in proggess (running). Start date and start
time of the connection check is displayed. After the check is finished the state of the
connection check will be changed. The following states are possible (not OK, OK and Check
not supported)
<date time>. Connection to the NE is not OK. Date and time of the connection check is
displayed.
<date time>. Connection to the NE is OK. Date and time of the connection check is
displayed.
Check not supported. Connection check to the corresponding NE is not supported.
Actions. These actions affect only the individual record. The scope of actions available depends on
the OS server type you are working with.
Modify OS server. The OS Server data wizard (see 3.5.1) is started, where you can modify
the OS server record.
Copy OS server. The OS Server data wizard is started. It contains the values of the selected
OS server record. You can modify these values at least you have to enter a new OS server
name.
Delete OS server. The OS server record is deleted.
Before the record is actually deleted, you will be prompted for confirmation.
3.5.1
Setting up OS servers
The sequence of forms provided for setting up OS servers varies by OS server type. The following
sections show you the sequence for each type and offer you cross references to the relevant information.
3.5.1.1
KCC LIM
3. General see 3.5.2

4. Communications parameters for LIM servers see 3.5.2.1
3.5.1.2
Mediation Device (Siemens IP)

2. Parameters for Mediation Device (Siemens IP) see 3.5.2.2
A30828-X9410-B082-35-7619
71/185

Issue 35
3.5.1.3
Utimaco IMS

2. Transport system and OS server user IDs (IMS) see 3.5.2.3
3. OS server user IDs see 3.5.2.4
5. IMS authorization data see 3.5.2.6
72/185
A30828-X9410-B082-35-7619

Issue 35
3.5.2
OS Server data wizard
The OS Server data wizard is provided for creating and for modifying an OS server record.
Figure 3-45: OS Server data wizard General

OS server name. Name of the server of the operation system which is to communicate with LIOS.
Accepted input: 0..9, A...Z and . * + % #.
Provider. (Not for all OS types.) Network provider responsible for the OS server.
OS server type. Type of operation system.
OS server version. Version of operation system.
Remark. Optional parameter. Maximum length: 50 characters. All characters accepted.
Layout and content of the following form depend on the OS server type selected.
3.5.2.1 Communications parameters for LIM servers
Figure 3-46: OS Server data wizard Communication Parameters (LIM)

IP address. IP address of the OS server.
Secondary IP address. IP address of secondary OS server. Optional.
Port. IP port number of the OS Web server.
Server path. Path of the OS Web server where the OS awaits LIOS HTTP requests.
A30828-X9410-B082-35-7619
73/185

Issue 35
Accepted input: a...z, A...Z, 0..9 and \ / . _ -.

Transaction timer. Maximum time in seconds that LIOS will wait for a response from the OS
server. Once the maximum time has been reached and no response has been received, the command
sent will be treated as undefined (i.e. no response is obtainable).
Accepted input: 0-36000.
3.5.2.2 Parameters for Mediation Device (Siemens IP)
Figure 3-47: NE data wizard, transport system - Mediation Device (Siemens IP)
Transport system
IP address. IP address of the Mediation Device (MD) - used for LIOSMD communication.
IP port. Port number used for LIOSMD communication.
Accepted input: 165535
OS server user IDs. It specifies the ID under which the selected LIOS operator group will communicate
with the mediation device (= NE).
Minimum length: 1 character.
Accepted input: 0..9, a...z, A...Z and % . # * + " ! $ ( ) < > , _ / - ? : ; = &.
Password. Enter a user-defined password. Maximum length: 32 characters.
Minimum length: 1 chaacters.
74/185
A30828-X9410-B082-35-7619

Issue 35

Accepted input: 0..9, a...z, A...Z and % . # * + " ! $ ( ) < > , _ / - ? : ; = &.
Confirm. Retype password.
Access to mediation device

To give a LIOS operator group access to the mediation device, select the corresponding checkbox in the
Access permitted column next to the operator group name. To take away access, unselect the
checkbox.
The none group is always selected (you cannot unselect it). It is needed by the LIOS services.
3.5.2.3
Transport system and OS server user IDs (IMS)
Figure 3-48: OS server data wizard Transport system and OS server user IDs (IMS)
Transport system
IP address. IP address of the primary OS server (IMS) to open a RAI connection.
IP port. Port number of the primary OS server to open a RAI connection.
Backup IP address. IP address of the backup IMS server (secondary OS server) to open a RAI
connection.
Backup IP port. Port number of the backup IMS server (secondary OS server) to open a RAI
connection.
3.5.2.4
OS server user IDs
To add an OS server user ID, press New; to modify an OS server user ID, select an OS server user ID
and press Modify: the OS server user ID form is displayed. To delete an OS server user ID, press Delete.
A30828-X9410-B082-35-7619
75/185

Issue 35
Figure 3-49: OS server data wizard OS server user IDs (IMS)

OS server user ID. Mandatory parameter. It specifies the ID under which the selected LIOS operator
group will communicate with the OS server.
For Utimaco IMS only one OS server user ID is allowed.
Maximum length and characters allowed depend on the OS server type. For Utimaco IMS, version RAI
2.0, the length has to be from 1 to 20 characters, with the following characters allowed: uppercase
characters, digits, and the special characters + . % # *.
ATTENTION! The OS server user ID must also be configured by the OS server administrator on
the OS server.
First enter an OS server user ID (account), then enter the password and the password options.
Password / Confirm. Password for the OS server user ID. Maximum length and characters allowed
depend on the OS server type. For Utimaco IMS, version RAI 2.0, the length has to be from 8 to 15
characters, with the following characters allowed: uppercase and lowercase characters, digits, and the
special characters % . # * + " ! $ ( ) < > , _ / - ? : ; = &. The OS server password has to contain at
least two letters and two digits.
The password must not contain trivial sequences (e.g., edc, poi, dr5).
OS server user name and password must not have any common substring of length greater than 1.
Please note: LIOS does not check whether your input conforms to these two rules; Utimaco IMS,
however, does and it rejects all non-conforming input.
How to add a password: enter a password, repeat it and press the Add button; finally press OK.
How to modify a password: select the option button in the Order column; the password is automatically
copied to the Password and Confirm fields; edit the password in both fields; finally press OK.
Cyclic password change enabled. To enable cyclic password change, select this checkbox.
Cyclic password changing
To log in to an OS server, an OS server user ID and a password are required. The password has to be
changed after some time, according to the settings of the OS server.
Cyclic password changing lets LIOS do the password changing for you. For each OS server enter the
initial password (to be obtained from the OS server administrator) and at least three passwords of your
own choice. Select the Cyclic password change enabled checkbox. When LIOS receives a password
expired answer when accessing the OS server, it automatically replaces the password with the next
76/185
A30828-X9410-B082-35-7619

Issue 35
password in the list; when it has arrived at the last password in the list, it starts again with the first one
(leaving out the initial password).
A check-mark in the Valid column identifies the password that is currently valid on the OS server. A
check-mark in the Initial column identifies the password that was first provided by the OS server
administrator.
With the push button functions you can manage passwords. The Show passwords button enables you to
view the passwords.
Push buttons:
Add. The password entered in the Password field is added to the table.
Modify. The password entered in the Password field replaces the selected password.
Remove. The selected password is removed.
Set valid. The selected password will be the valid password.
Set initial. The selected password will be marked initial.
As a rule, the initial password will be the password originally provided by the OS server
administrator.
The initial password will be used for cyclic password changing.
Show passwords/Hide passwords (toggle button). Passwords are displayed in clear text.
Press this button before you make any modifications and hide passwords after that again.
OK. Your input is accepted and the form is closed.

Cancel. Your input is discarded and the form is closed.
Help. Online help is provided this help screen is displayed.
3.5.2.5
MMLCM authorization data
Figure 3-50: OS server data wizard MMLCM authorization data (IMS)

This page serves to relate LIOS operator groups to the OS server user ID you have set up in the OS
server user ID form.
Pressing Create or Modify displays the MMLCM authorization data form (Figure 3-51), where you can
relate OS server user IDs to LIOS operator groups.
Since LIOS normally uses two LIOS servers, you can define two OS server user IDs for each LIOS
operator group this will enable both LIOS servers to send MML commands simultaneously, which
enhances system speed.
It is recommended to use different OS server user IDs for each LIOS operator group (if the OS server
allows more than one OS server user ID).
A30828-X9410-B082-35-7619
77/185

Issue 35
Type here refers to the communication with the OS server by means of MML. Single type means that
only one OS server user ID has been specified for each LIOS operator group, regardless of the actual
number of LIOS servers in the system. Parallel type means that two OS server user IDs have been
specified for each LIOS operator group.
If you are working with a single LIOS system (one LIOS server), you only need one OS server user ID for
each LIOS operator group.
Figure 3-51: OS server data wizard MMLCM authorization data form (IMS)
In this form you can establish a logical connection between OS server user IDs and LIOS operator
groups.
If a LIOS operator group has active observations on an OS server, you cannot remove the connection of
the LIOS operator group with the OS server user ID.
LIOS operator group. Mandatory parameter, which identifies the LIOS operator group.
Each LIOS user can send individual MML commands to the OS server. For this purpose the MML
console is provided. In this context, LIOS uses the group none to get access to the OS server,
regardless of the group the LIOS operator belongs to. This means that you have to add an OS server
user ID and an OS server password also for the LIOS group none.
OS server user ID. Mandatory parameter. The OS server user ID is normally used for the
communication with the OS server from the primary LIOS server.
3.5.2.6
IMS authorization data
Figure 3-52: OS server data wizard IMS authorization data (IMS)

In the Utimaco IMS system all IMS LEA names defined must be assigned to the OS server user ID.
78/185
A30828-X9410-B082-35-7619

Issue 35
To assign a new IMS LEA name, enter the name in the input field (115 characters; all characters
accepted except comma (,), double quote (), tab stop and blank) and press Define: the name is copied to
the list below.
To modify an IMS LEA name, select the record (radio button) you wish to modify the IMS LEA name is
automatically copied to the IMS LEA name field enter the new name into the input field and press
Modify: the old name is replaced with the name you have just entered.
To delete an IMS LEA name, select the record and press Delete. You can delete an IMS LEA name only
if there are no observations on the OS server which refer to it.
3.5.3
Activate/Deactivate OS servers
Figure 3-53: Activation/Deactivate OS servers

Before you can activate an OS server, you must create an OS server record. OS server activation finally
allows LIOS to create observations on the OS server.
If, while activating an OS server, you go beyond the number of ports covered by the LIOS license
(licensed ports), a message is displayed to this effect. Inform the license owner that a new license
covering all ports used should be obtained.
If the number of ports used exceeds the number of ports covered by the license, LIOS will still function for
a certain time (20 days, as a rule). After this, the administration of observations will no longer be possible
in the entire LIOS system unless an adequate license has been obtained.
You can deactivate an OS server only if there are no NEs and no observations associated with it.
You need not deactivate an OS server for modifying it.
Table
The column headings Active, OS server name, OS server type, Port count and Locked refer to OS
servers, the column headings State and Reason refer to the last initiated activation or deactivation job,
whichever applies. If, for example, the OS server is marked as active (Active column with check mark)
and in the State column it says Failed, it means that the OS server is active and an attempt to
deactivate the OS server has failed. To view the reason for the failure, click on the hyperlink in the
Reason column.
If an OS server is in Locked state (check mark in the Locked column) an observation can not be modified
and no observation can be created.
Activation and deactivation jobs can be in the following states:
Waiting
Processing
OK
Failed
The table at the bottom of the window shows you for each OS server type how many ports are covered by
the LIOS license (licensed ports), how many have already been set up (used ports) and how many can
A30828-X9410-B082-35-7619
79/185

Issue 35
still be set up (free ports). If you exceed the number of ports, the current LIOS license will expire after 20
days; a message is displayed to this effect, and the expiration date is stated.
Push buttons:
Activate. The OS server selected in the table is activated.
Deactivate. The OS server selected in the table is deactivated.
Abort. The activation/deactivation job is aborted. You can abort a job if there is no response from the
OS server.
Close. The form is closed.
If OS server activation fails, a hyperlink appears in the Reason column. If you click on the hyperlink, the
OS servers response is displayed, which tells you the reason for the failure.
3.5.4
OS server filter
Figure 3-54: Host Administration, OS filter

OS server name. Only records are displayed whose names match the string entered. Wild cards (*
and ?) are accepted.
3.6 Host Administration: LIOS Servers

The LIOS Servers sub-application enables you to enter the local parameters for the communication with
NEs. For more information see Host Administration: NEs, Section 3.4.
80/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-55: Host Administration, LIOS Servers

New LIOS server. The LIOS Server data wizard (see 3.6.1) is started, where you can enter the data
for the applications MMLCM, LID and EFD (for the configuration of remote parameters see 3.4.6NE
data wizard and 3.5.2,
A30828-X9410-B082-35-7619
81/185

Issue 35
OS Server data wizard). Specify each application separately for each LIOS server to be set up.
Delete LIOS servers. Selected LIOS servers are deleted.
Before you can use this command, you must select LIOS server records. Records will only be deleted
upon confirmation.
Filter. A filter form is displayed, where you can specify which LIOS servers should be displayed, and
3.1.1.3.
Table
The table provides you with an overview of LIOS server information; it does not contain all details. For a
detailed view, click on the LIOS server name (hyperlink) in the first column.
Table columns
LIOS server name.
Transport systems. Transport system through which the LIOS server can communicate with NEs and
OSs. IP, X.25 or both.
Packet size. Maximum packet size at which flow control negotiation will start when an X.25
connection is established. Default value is 1024.
Window size. Maximum window size at which flow control negotiation will start. Default value is 7.
Reverse charging. This field specifies who pays for an X.25 connection. As a rule, the party who has
initiated the connection pays for it. If LIOS is operated by an organization other than the telephone
company who owns the NE, reverse charging can possibly be set to On. Default is Off.
Modify LIOS server. The LIOS server data wizard (see 3.6.1) is started, where you can
modify the LIOS server record. The LIOS server name cannot be changed the corresponding
field is read-only.
Copy LIOS server. The LIOS server data wizard is started. It contains the values of the
selected LIOS server record. You can modify these values at least you have to enter a new
LIOS server name.
Delete LIOS server. The LIOS server record is deleted..
3.6.1
LIOS server data wizard
To start the LIOS server data wizard, select new LIOS server, modify LIOS server or copy LIOS
server.
The LIOS server data wizard enables you to add, modify or copy a LIOS server record and to set up
applications for the LIOS server.
The LIOS server data wizard enables you to set LIOS server communication parameters according to the
applications used. Specify the local communication parameters for the applications MMLCM, LID and
EFD (for the configuration of remote parameters use the NE data wizard, Section 3.4.6). Specify each
application separately for each LIOS server that uses the application.
The LIOS server data wizard contains three forms for the administration of the local connection data.
Data that was entered for setting up an application and that is also needed for another application is
automatically taken over to the respective forms and need not be entered again.
82/185
A30828-X9410-B082-35-7619

Issue 35
General data
Figure 3-56: LIOS server data wizard General section

LIOS server. Select the LIOS server name from the list provided.
Transport systems
In the Transport Systems section you have to specify whether IP or X.25 is used for the communication
with NEs/OSs. If the LIOS server is connected to both systems, you can select both.
Figure 3-57: LIOS server data wizard transport systems

Transport systems:
Select IP, X.25 or both, depending on the transport system available.
X.25 data
The table contains the X.25 address data for specific connection types. There can be up to three X.25
addresses specified: one for X.25 (AFI is 36), one for X.25 over ISDN (AFI is 44) and one for local
X.25 (AFI is 48).
For creating or modifying X.25 data press the New or the Modify button. The X.25 Data form will be
displayed. For details see 3.4.6, Parameters for X.25. For removing an X.25 data record press
Remove.
A30828-X9410-B082-35-7619
83/185

Issue 35
APPLICATIONS
Figure 3-58: LIOS server data wizard Applications

To set up an application on the LIOS server for the communication with NEs/OSs, select an application
(radio button) and press the New button. The Application data wizard is started, where you can enter the
data for a new application. Data that was entered for setting up other applications and that is also needed
for the new application is automatically taken over to the new form.
To modify application data, press the Modify button. The Application data wizard is started, where you
can modify data for the selected application.
To delete an application, select the application and press the Delete button. The selected application
record is deleted.
LIOS supports the following applications: MMLCM, LID and EFD. The FT application, which covers FTAM
and FTP, need not be managed from the LIOS GUI because it is directly controlled by Solstice. For
details about the applications see 3.4.7 (please note that not all pages and fields described there are
needed for setting up applications on a LIOS server).
3.6.2
Application data form
Figure 3-59: Application data form
84/185
A30828-X9410-B082-35-7619

Issue 35
General section
Specify the application you wish to set up. In addition, you specify a port number of the Symicron X.25
links on the LIOS server that should be used for outgoing connections.
Application. Mandatory parameter. It identifies the application type (MMLCM, EFD, LID). Select an
application from the list provided.
Port number for LIOS server. Mandatory parameter (only for MMLCM and EFD). It identifies the port
number of the Symicron X.25 link on the LIOS server that should be used for outgoing connections
(default is port 0).
OSI section
Enter the OSI parameters for the application with relevance to the NE/OS server: transport selector,
session selector, presentation selector and application entity title. Make sure that you enter exactly the
same parameters that have been specified on the NE/OS server.
The following selector addresses are mandatory OSI layer parameters for the NE/OS server
communication through Q3 (for MMLCM, EFD and LID):
Accepted input:
Hexadecimal: maximum length: 4 digits.
Accepted input:
Accepted input:
Application entity title. Mandatory parameter for the application layer (OSI layer 7). The application
entity title uniquely identifies an application (MMLCM, LID or EFD) within the system. It consists of the
application process title (mandatory, containing system title and APQ application program
qualifier, 4 digits max.) and the AEQ (application entity qualifier, optional, decimal number, 4 digits
max.).
value range: 0 to 9999999. 10 components max, 2 components min. Value range: for 1st component:
0, 1, 2; for 2nd component: 0 to 39. Maximum lengths: 30 digits.
For the whole application entity title (system title + APQ + AEQ): 10 components max.
3.7 Host Administration: NE Networks

The NE Networks sub-application is available in connection with the following NE types:
Network element
Version
Siemens EWSD
Version 13 and higher
Siemens Surpass hiE9200
Version 1, 3, 3.2
Siemens Surpass hiQ9200
Version 4 and higher
Siemens IN@vantage
Version 7.5 FN
Siemens Mobile (MSC)
Version SR9, SR10, SR11 and SR12
Siemens IP Mediation Device
Version 3.5
Huawei GSM
Based on HUAWEI interface specification

version 1.24
Table 3-1: NE Networks sub-application

A30828-X9410-B082-35-7619
85/185

Issue 35
From LIOSs point of view, NEs can be organized in NE networks. NE networks are essential for
observing mobile-network subscribers; they are also needed for the monitoring of foreign directory
numbers (FDN) or inside an intelligent network (IN) on fixed-network elements. NE networks allow LIOS
operators to set up observations on each NE of the entire NE network specified by issuing only a single
observation.
An NE network can only contain NEs of the same type. It can, however, contain NEs of different versions.
An NE that is shared by several providers cannot be added to an NE network.
LIOS operator groups that have access to the NE network must have been set up as MMLCM users on
each NE of the NE network (see 3.4.7). Please also bear this in mind when you add an NE to an existing
NE network.
A Siemens EWSD version 13A can only be added to a network if such a network contains no active INobservation.
If an NE has been a member of this NE network before and, for some reason, still has child observations
pertaining to the NE network, the child observations must be canceled first. This can only be done by a
LIOS operator who is a member of the LIOS operator group that owns the NE network observations.
The NE network data form (see 3.7.1) is displayed, where you can specify NE network type, NE network
name, NE network members and NE network user authorization.
For more information see Host Administration, NEs (Section 3.4).
When you start Host Administration, NE Networks, the data displayed reflects the default filter settings. If
you wish to see another selection of data, select the Filter command from the application commands bar.
A filter form appears where you can specify criteria for the data to be displayed.
Figure 3-60: Host Administration, NE Networks

New NE network. The NE network data form (see 3.7.1) is opened, where you can enter the data for
the new NE network to be set up.
Delete NE networks. Selected NE networks are deleted.
Before you can use this command, you must select one or more NE network records. Records will
only be deleted upon confirmation.
An NE network can only be deleted if it contains no NEs.
Filter. A filter form is displayed, where you can specify which NE networks should be displayed, and
86/185
A30828-X9410-B082-35-7619

Issue 35
3.1.1.3.
Table
The table provides you with an overview of NE network information; it does not contain all details. For a
detailed view, click on the NE network name (hyperlink) in the first column.
Table columns
NE network name. Name of NE network.
NE network type. The NE network types listed in the pull-down menu depend on the license. It can be
e.g. Siemens Fixed (comprising EWSD and hiQ/E9200), Siemens Mobile (MSC),
Modify NE network. The NE network data form (see 3.7.1) is opened, where you can modify
the NE network record. The NE network name cannot be changed the corresponding field is
read-only.
Copy NE network. The NE network data form is opened. It contains the values of the selected
NE network record. You can modify these values at least you have to enter a new NE network
name.
Delete NE network. The NE network record is deleted. An NE network can only be deleted if it
contains no NEs.
3.7.1
NE network data form
To open the NE network data form, select new NE network, modify NE network or copy NE network.
Figure 3-61: NE network data form, NE network

NE network name. Name of NE network.
A30828-X9410-B082-35-7619
87/185

Issue 35
NE network type. The NE network types listed in the pull-down menu depend on the license. It can be
e.g. Siemens Fixed (comprising EWSD and hiQ/E9200), Siemens Mobile (MSC),
Select a type from the pull-down list.
Table columns
Member. If the checkbox is selected (check mark), the NE is a member of the NE network. To
add or remove an NE, select or unselect the checkbox.
If an NE is added to an NE network, child observations of observations set up on the NE network
are automatically created on the NE.
If an NE is removed from the NE network, child observations of observations set up on the NE
network are automatically canceled (cleaned) on the NE.
NE name. It shows the names of all NEs of the selected NE type which are active and have just
one provider assigned.
Operator groups. All LIOS operator groups that have access to the NE are shown here.
Access to NE network. LIOS operator group who is authorized to access the NE network.
Restrict button. The Access to NE network form is displayed, where you can restrict NE network
access to only a selection of LIOS operator groups.
However, if a LIOS operator group still owns network observations, NE network access rights cannot
be taken from it (observations should be taken over by another LIOS operator group).
Figure 3-62: NE network data Access to NE network form
88/185
A30828-X9410-B082-35-7619

Issue 35
3.8 LEA Administration

The LEA Administration enables you to specify the configuration parameters for the links to the law
enforcement agencies (LEA) and to specify parameters concerning the format of the LI data sent to a
LEA.
As regards the term LEA, NE and OS terminologies differ: EWSD and hiQ/E9200 have observation
group (OBSGRP), hiQ4200/8000 has CALEA intercept entry', MSC and Utimaco IMS have Monitoring
Center (MONC), and Alcatel S12 has virtual subscriber (TAX). In the context of LIOS it is always
referred to as LEA.
Technically speaking, Siemens EWSD, hiQ/E9200 and MSC; Siemens hiQ4200/8000; and Alcatel S12
have entirely different viewpoints of LEAs. Nevertheless, LIOS enables you to handle LEAs in much the
same manner.
For each LEA (that uses Q3) you can administer two types of links:
Link for LI tickets
LI tickets are forwarded from LIOS to the LEA through FTP or FTAM (the LIOS-specific FTAM parameters
have to be administered on each LIOS server, as is described in the User Manual Administrator).
Link for call contents
Call content data is directly sent via ISDN from the NE to the LEA. The address parameters are sent to
the NE when an observation is created.
It can happen that tickets cannot be assigned to any LEA. LIOS provides the option of automatically
routing all those lost tickets to a default LEA. (To activate a default LEA, follow the instructions in the User
Manual Administrator, Section 4.) If no default LEA has been defined, all LI tickets (LI records) that
cannot be assigned to a LEA will remain in the LIOS system. An alarm message is generated for each
unknown observation when the first LI ticket concerning this observation is received (alarm A-OIF-00009:
LI observation unknown). You can view these alarm messages with the Alarm browser.
When you start the LEA Administration, the data displayed reflects the default filter settings. If you wish to
see another selection of data, select the Filter command from the application commands bar. A filter form
appears, where you can specify criteria for the data to be displayed.
Figure 3-63: LEA Administration
A30828-X9410-B082-35-7619
89/185

Issue 35
New LEA. The LEA data wizard (see 3.8.2) is started, where you can enter the data for the new LEA
to be set up.
Delete LEAs. Selected LEAs are deleted.
Before you can use this command, you must select one or more LEA records. Records will only be
A LEA record can only be deleted if there are no active and no archived observations associated with
it. Observations can only be deleted by the LIOS supervisor.
Communication settings. The Communication Settings form (Figure 3-85) is displayed, where you
can set timers and counters for further attempts of LI ticket transfer to LEAs in case of error. The
communication settings control the transfer to all LEAs; settings for individual LEAs are not possible.
Filter. A filter form (Figure 3-64) is displayed, where you can specify which LEAs should be displayed,
3.1.1.3.
Table
The table provides you with an overview of LEA information; it does not contain all details. For a detailed
view, click on the LEA name (hyperlink) in the first column.
The name of a default LEA (see 3.8.2) is rendered in bold print.
Table columns
LEA name. LEA name.
Phone. LEA phone number provided in case ticket routing to the LEA is not working.
Address. LEA address provided in case ticket routing to the LEA is not working.
LEA ID on NEs/OSs. Number (generated by LIOS) by which a LEA is known to NEs and OSs. 6-digit
decimal number.
Modify LEA. The LEA data wizard (see 3.8.2) is started, where you can modify the LEA
record. The LEA name cannot be changed the corresponding field is read-only.
Copy LEA. The LEA data wizard is started. It contains the values of the selected LEA record.
You can modify these values at least you have to enter a new LEA name.
Delete LEA. The LEA record is deleted.
Check LEA modification. The result of a LEA modification on NEs and OSs is checked and
presented in a report. (See 3.8.4.)
3.8.1
LEA filter
90/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-64: LEA filter

LEA name. Only records are displayed whose names match the string entered. Wild cards (* and
?) are accepted.
Phone. LEA phone number provided in case ticket routing to the LEA is not working.
3.8.2
LEA data wizard
The LEA data wizard is provided for creating, modifying and copying LEA records.
3.8.2.1 LEA identification
Figure 3-65: LEA data wizard LEA identification

Enter the LEAs name, exact postal address and phone number for clear identification of the LEA. You
can also add a remark.
LEA name. Mandatory parameter. Name of the LEA. If a LEA has active observations assigned to it,
you cannot modify the LEA name.
Accepted input: 0..9, a..z, A...Z and # $ % + / ? @ _ -.
Phone. Mandatory parameter. Phone number of the LEA to be entered in case ticket routing to the
LEA is not working.
A30828-X9410-B082-35-7619
91/185

Issue 35

Accepted input: 0..9, a..z, A...Z and () /+- # * blank (whitespace).
Address. Mandatory parameter. Enter the address of the LEA in case ticket routing to the LEA is not
working.
Accepted input: all characters accepted.
Remark. Optional parameter.
Accepted input: all characters accepted.
Default LEA. Only for LIOS administrators. Of all LEAs set up in the LIOS system, one can be
specified as a default LEA. The default LEA will receive all tickets that cannot be assigned to any LEA
(stray tickets). If no default LEA has been defined, all LI tickets that cannot be assigned to a LEA will
remain in the LIOS system. An alarm message is generated for each unknown observation when the
first LI ticket concerning this observation is received (alarm A-OIF-00009: LI observation unknown).
These alarm messages can be viewed with the Alarm browser.
If this LEA is to serve as default LEA, select the checkbox.
The name of a default LEA is rendered in bold print.
3.8.2.2 Profile types
Figure 3-66: LEA data wizard profile types

In order to enable the LEA to receive tickets from NEs of a particular type, you have to define the
corresponding profile for the LEA.
Define. Select the appropriate option button (Siemens Fixed (EWSD, hiQ/E9200), Alcatel, ) and
press Define. It depends on the selected profile type whether a parameter form will be displayed or not
(press Next/Finish).
Remove. Select the appropriate option button and press Remove. The selected NE type will be
removed.
Observation parameters are necessary for creating an observation for the LEA. The choice of input
fields depends on the type of the NE or OS server that has been selected in the previous form.
Which profile types are available, depends on the license of the LIOS system you are working with.
92/185
A30828-X9410-B082-35-7619

Issue 35
3.8.2.2.1
Siemens Fixed (EWSD, hiQ/E 9200) observation parameters
Figure 3-67: LEA data wizard EWSD and hiQ/E9200 observation parameters
LEA identification on NEs. Read-only field. Number (generated by LIOS) by which a LEA is known to
NEs. 6-digit decimal number.
DN of LEA (call content). Mandatory parameter. Nationally significant directory number (LAC and DN) of
the LEA for the transmission of the call content.
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with #.
DN of ticket connection. Mandatory parameter. Nationally significant directory number (LAC and DN) of
the LEA. 1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable
with #.
Remark: Since LI tickets are not sent directly from an NE to a LEA, this number is not used for sending LI
tickets but it serves as a unique identification for a LEA in the LIOS system. This number is sent together
with the LI ticket from an NE to LIOS and enables LIOS to identify the LEA that should get the LI ticket (LI
tickets are sent from LIOS to the LEA through FTAM or FTP by using the OSI and X.25 addresses or the
IP address specified in the Transfer Protocol and Transport System forms). It is recommended to enter
here the same number as for the DN of LEA field. Once the LEA has been created, this parameter
cannot be modified.
Overflow DN (call content). Optional parameter. Nationally significant directory number (LAC and DN) of
the overflow destination for call content data. 1 to 24 hexadecimal digits accepted. Once the LEA has
been created, this parameter cannot be modified.
Length of LAC. Number of LAC digits; only for charging purposes.
Version of LI tickets. Version of the LI tickets: RECV12 (EWSD V12 and higher, hiQ9200 V4 and higher,
and hiE9200 V1 and higher), RECV13 (EWSD V13A and higher, hiQ9200 V4 and higher, and hiE9200 V1
and higher), RECV14 (EWSD V14A and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher) and
RECV17 (EWSD V17/V18 and hiE9200 V3/V3.2).
REMARK: For referring to ticket (record) layout, other names are used: record version 1 (corresponds to
RECV12), record version 2 (RECV13), record version 3 (RECV14) and record version 4 (RECV17). For
details see [4].
Version of signaling (call content). Version of signaling information in the call content connection:
SUBADD-SIGV12 (EWSD V12 and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher),
SUBADD-SIGV13 (EWSD V13A and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher),
A30828-X9410-B082-35-7619
93/185

Issue 35
SUBADD-ETSIV2 and UUS1-ETSIV2 (the latter two only for EWSD V17/V18 and hiE9200 V3/V3.2).
For SUBADD-ETSIV2 and UUS1-ETSIV2 the appropriate LI properties have to be set on the NE.
CUG name. Optional parameter. To assign the LEA to an LI CUG, select an LI CUG name from the pulldown list. If the CUG indexing activated flag has been set in the NE data, the LI CUG is referenced by an
index; if not, it is referenced by the LI CUG parameters interlock code and the network identification code.
Ticket output format. Ticket Conversion is an optional feature. It enables ticket output in the formats
Native (i.e. Siemens binary), Siemens ASCII, ETSI V2.1 (i.e. ticket format according to ETSI Standard
ES 201 671 V2.1), ETSI V2.12 National D (i.e. ETSI V2.12 with national parameters for Germany, based
on ETSI TS 101 671 V2.12.1 (2005-08)), ETSI V2.1 National A (i.e. ETSI V2.1 with national parameters
for Austria and with file naming method A applied) or Ticket Header V1. Not all ticket formats may be
available in the LIOS system you are working with (license-specific restriction). If Ticket Conversion is not
available, tickets are output as Siemens binary, which is the EWSD and hiQ/E9200 ticket format.
Transmission (Transmission mode):
Choose whether intercept-related information should be sent to the LEA through Q3 as LI tickets or in
band (INB).
Q3. Intercept-related information will be sent to the LEA as LI tickets through a Q3 interface.
ETSI HI3 encoding for EWSD V15&V16. If the network provider has EWSD V15 (hiE9200 V1) or EWSD
V16 (hiE9200 V2) switches and the call content is to be transmitted to the LEA in ETSI format, select
this checkbox. HI3 encoding can only be activated in connection with Q3.
INB (in-band IRI transmission). Transport of IRI (intercept-related information) and call content through
the same channel. If INB is used, no LI tickets are generated and there is no link for LI tickets between
LIOS and the LEA the intercept-related information is sent by the NE to the LEA together with the call
content over ISDN.
For EWSD V12, in-band IRI transmission is optional, for EWSD V11 and lower it is mandatory.
Inband RP 1. Inband reduced protocol 1 (specified for EWSD V.11). Before you can select INBRP1, you
must select INB.
Inband RP 2. Inband reduced protocol 2 (specified for EWSD V.10) with additional information
concerning the call identity used. Before you can select INBRP2, you must select INB.
NE identification number. If this checkbox is selected, the NE identification number (see Host
Administration, NE data wizard) will be transmitted to the LEA, as part of the LI ticket. For NEs of the type
Siemens EWSD, version V13A and higher, and hiQ/E9200.
COLP (connected line identification presentation) feature. If this checkbox is selected, the call
content connection will be protected through the COLP feature.
Explanation: Before the EWSD or hiQ/E9200 switch routes the call content to the LEA, it checks whether
the directory number to receive the call content is indeed identical with the number entered under DN of
LEA (call content). If the DN of the LEA has been rerouted or if a switching error has occurred, the call
content will not be sent.
Single connection (call content). If this checkbox is selected, the call content information will be
transmitted via a single 64-kbit connection to the LEA as the sum of information of the call contents of
user A and user B. If the checkbox is not selected, the A-side and B-side call content information will be
transmitted separately through two 64-kbit connections. (If the version of signaling is SUBADD-ETSIV2
or UUS1-ETSIV2, single connection is not possible.)
CLIP (calling line identification presentation) DN. For NEs of the type Siemens EWSD, version V13A
and higher, and for hiQ/E9200. This parameter specifies whether a virtual directory number (incl. LAC) of
the NE is to be displayed on the LEA telephone set.
94/185
A30828-X9410-B082-35-7619

Issue 35
3.8.2.2.2
Siemens Fixed (hiQ4200/8000) observation parameters
Figure 3-68: LEA data wizard hiQ4200/8000 observation parameters

Ticket output format. Mandatory parameter. It enables ticket output in the formats ETSI V2.1 (i.e. ticket
format according to ETSI Standard ES 201 671 V2.1), ETSI V2.1 National A (i.e. ETSI V2.1 with
national parameters for Austria and with file naming method A applied), ETSI V2.12 National D (i.e. ETSI
V2.12 with national parameters for Germany, based on ETSI TS 101 671 V2.12.1 (2005-08)), and CALEA
(depends on license), which is at the same time the hiQ 4200 ticket output format.
Call content static DN destination. Mandatory parameter. Nationally significant directory number (LAC
and DN) of the LEA for the transmission of the call content.
1 to 30 digits accepted.
Call content static DN destination 2. Mandatory parameter. Only relevant for hiQ4200/8000 R11 to
support stereo mode call content delivery; If it is not specified with a different DN the transmitting and the
receiving call content will be sent via the same DN. Nationally significant directory number (LAC and DN)
of the LEA for the transmission of the call content. You can only enter a DN destination 2 if you have
entered a DN destination.
1 to 30 digits accepted.
Note: the hiQ4200/8000 switch can be operated in ETSI mode or in ANSI mode. LIOS supports only the
ETSI mode. Therefore it is necessary that the LI option Srx/Main/hiQVariant = 2 (value for ETSI) is
set on the switch.
Also the following 2 parameters are not longer relevant:
Call content IP address.
Call content IP port.
Call data IP address. IP address where intercept-related information (LI tickets) will be sent. If LIOS is
used as a ticket mediation device (default configuration), this address must correspond to one of the LIOS
servers.
Choose the LIOS server from the drop-down list. If no drop-down list is available (lios.properties
configuration), enter the IP address (decimal numbers separated by dots).
Call data IP port. Port for IP address where the intercept-related information (LI tickets) will be sent.
A30828-X9410-B082-35-7619
95/185

Issue 35
3.8.2.2.3
Siemens MSC observation parameters
Figure 3-69: LEA data wizard MSC observation parameters

DN of LEA (call content). Mandatory parameter. Nationally significant directory number (LAC and DN) of
the LEA for the transmission of the call content.
Length: 1-16 decimal digits.
Accepted input: 0..9.
CUG name. Optional parameter. To assign the LEA to an LI CUG, select an LI CUG name from the pulldown list. If the CUG indexing activated flag has been set in the NE data, the LI CUG is referenced by an
index; if not, it is referenced by the LI CUG parameters interlock code and the network identification code.
Call protection ISDN number. This parameter specifies whether the call content connection should be
protected through call protection ISDN number. Before the call content is rerouted, the DN entered in the
observation parameters is checked against the DN of the LEA (call content) specified here. If the two
numbers do not match, the stub line connection will be released.
Length: 1-16 decimal digits.
'Native' and 'Native for MC' (= Native format including 2 bytes of header information), ETSI V2.1 (i.e.
ticket format according to ETSI Standard ES 201 671 V2.1) or ETSI V2.12 National D (i.e. ETSI V2.12
with national parameters for Germany, based on ETSI TS 101 671 V2.12.1 (2005-08)). Not all ticket
formats may be available in the LIOS system you are working with (license-specific restriction). If Ticket
Conversion is not available, tickets are output as Native, which is the MSC ticket format.
Enhanced signaling. Enhanced signaling to LEA in call content (see also Call identification below). Can
not be used together with ETSI signaling.
Call data notification. Only tickets (S-records) are sent to the LEA when the LEA is not allowed to
monitor call content forwarded in the GMSC (Gateway MSC).This parameter can only be used if Location
dependant interception is set on the NE. Not applicable for SR12.
96/185
A30828-X9410-B082-35-7619

Issue 35
Call identification. To each intercepted call a unique number (call identification) will be given. This
number will be added to the call content and LI tickets, thus enabling the LEA to put call content and
tickets together (correlation information). Enhanced signaling must be active. Call identification is
recommended.
Unrestricted digital info. Unrestricted digital information 64 kbit. The transmission of unrestricted 64-kbit
digital information in a call to the LEA is supported. Check if any type of ETSI signaling is used (LI option
UDI has to be activated on the used NE).
DTMF (dual tone multi frequency) tones. DTMF tones allowed in call content transmitted to LEA.
Interception of DTMF in tickets (call data channel CDC).
This feature enables a law enforcement agency (LEA) to receive on the call data channel digits dialed by
the monitored subscriber. These post-cut-through digits are digits dialed or signaled by the intercepted
subject after the initial call setup is completed and the call path is cut-through in both directions at the IAP
(internet access provider) switch.
Select this checkbox if the LEA terminal can handle DTMF.
ETSI signaling. Not applicable for SR9. Optional parameter. If ETSI signaling is checked, ETSI handover
interface (ETSI V2) will be used for call content and for the IRI records. For ETSI signaling type, choose
one of the following options:
User to user service information (UUS1-ETSIV2).
Subaddressing (SUBADRR-ETSIV2).
Note: If ETSI is used, the LI option ETSIHI has to be active on the NE. If Enhanced signaling is turned
on, ETSI signaling can not be used.
Location area Code(s). This parameter defines all LACs in which a LEA is allowed to monitor
intercepted subscribers. Maximum of 25 LACs can be entered (one by one with & sign or in an interval
with && sign or value X for all LACs of the related NE.
Use this parameter only if on the relevant NEs the feature Location dependant interception is activated.
Forwarded to number country code. Intercepted calls forwarded through GMSC (Gateway MSC) can
be monitored only if the LEA has the appropriate country code assigned. If you leave this parameter
blank, such calls will not be monitored. Maximum of 30 country codes can be assigned to one LEA (one
by one with & sign or in an interval with && sign). For assigning all country codes value X has to be
entered for this parameter.
Use this parameter only if Location dependant interception is activated on the relevant NEs
3.8.2.2.4
Huawei GSM observation parameters
Figure 3-70: LEA data wizard Huawei GSM observation parameters

Huawei LEA ID. Read-only field. Number (generated by LIOS) by which a LEA is known to NEs.
DN of LEA (call content). Mandatory parameter. Nationally significant directory number (LAC and
DN) of the LEA for the transmission of the call content.
Maximum length: 30 decimal digits.
DN of LEA (video content). Optional parameter. Nationally significant directory number (LAC and
DN) of the LEA for the transmission of the video content.
A30828-X9410-B082-35-7619
97/185

Issue 35

Ticket output format. ETSI and Native format are supported. ETSI is the standard format. Native is
the original ticket format as received from the Huawei GSM switch. The entries in the pull-down menu
of the output format depend on the License.
Output mode. It is possible to select Combined or Split. Combined means that the call content
information will be transmitted to the LEA as the sum of information of the call contents of user A and
user B. Split means that the A-side and B-side call content information will be transmitted separately to
the LEA.
3.8.2.2.5
Alcatel S12 observation parameters
Figure 3-71: LEA data wizard Alcatel S12 observation parameters

Maximum of 28 digits between 0 to 9 and A to E. The DN of LEA must be in national format, i.e. with
area code but without area code prefixes (such as a leading 0).
Alcatel S12 native, ETSI V2.1 (i.e. ticket format according to ETSI Standard ES 201 671 V2.1),
ETSI V2.1 National D (i.e. ETSI V2.1 with national parameters), or ASCII. Not all ticket formats may
be available in the LIOS system you are working with (license-specific restriction). If Ticket Conversion
is not available, tickets are output as Alcatel S12 native, which is the Alcatel S12 ticket format.
Note: By default HI1 notifications are created for observation activation, modification and deactivation.
These notifications are always created in ETSI V2.1 format independent from the selected Ticket
output format. To supress creation of HI1 notifications the following property has to be specified in the
lios.properties file: TicketRouter.createHI1 = 0
DN of ticket connection. Mandatory parameter. Nationally significant directory number (LAC and DN)
of the LEA. 1 to 28 characters are accepted from the sets 0 9 and A E.
Remark: Since LI tickets are not sent directly from an NE to a LEA, this number is not used for sending
LI tickets but it is used as a unique identification for a LEA in the LIOS system. This number is sent
together with the LI ticket from an NE to LIOS and enables LIOS to identify the LEA that should get the
LI ticket (LI tickets are sent from LIOS to the LEA through FTAM or FTP by using the OSI and X.25
addresses specified in the Transfer Protocol and Transport System forms). It is recommended to use
the same number as for the DN of LEA field.
Once the LEA has been created, this parameter cannot be modified.
TAXDNS for network elements. TAXDN (also called DN of virtual subscriber) identifies the virtual
subscriber, which is the Alcatel S12 term for LEA. This parameter is roughly equivalent to the
observation group ID of EWSD, hiQ/E9200 and MSC switches. There are two essential differences:
The observation group ID of a LEA is automatically generated by LIOS and sent to the switches.
98/185
A30828-X9410-B082-35-7619

Issue 35
The observation group ID of a LEA is unique within the system. A LEA is identified through the same
observation group ID by all EWSD, hiQ/E9200 and MSC switches .
The TAXDN is kept on the individual S12 switch and has to be entered in the LIOS system.The DN
of virtual subscriber is different on every Alcatel S12 switch, although it identifies the same LEA.
Enter the DNs of virtual subscribers for all switches that should have a connection with the LEA you
are setting up. The field names in this form correspond to the S12 switches that have been created in
the Host Administration. A DN must comprise at least 4 digits and as a maximum 16 digits; each digit
must be in the range of 0 to 9 and A to E. The DN of virtual subscriber must be in national format, i.e.
with area code but without area code prefixes (such as a leading 0). It is used for charging purposes,
i.e. to charge the LEA for the call content (CC) links.
A DN of virtual subscriber can be modified only if there are no active observations associated with it.
3.8.2.2.6
Huawei Fixed
For the delivery of notifications and alarm messages, Huawei C&C08 switches can handle a maximum
of three LEAs, referred to as Huawei monitoring centers. Up to three Huawei monitoring centers
(MC0, MC1 and MC2) have been set up on every Huawei C&C08 switch for this purpose (by the LIOS
administrator, with the NEs sub-application of the Host Administration). For the delivery of call content
and LI tickets, Huawei switches can handle far more LEAs. Each LEA, however, has to be associated
with a Huawei monitoring center, which actually receives notifications and alarms messages.
Huawei Fixed observation parameters
Figure 3-72: LEA data wizard Huawei Fixed observation parameters

DN) of the LEA for the transmission of the call content. A maximum of 24 characters is accepted. It
can contain digits, * and #.
Ticket output format. Currently only the ETSI V2.1 (native) format is supported. This is the original
ticket format as received from Huawei C&C08 switch. LIOS performs no mediation of IRI record
content.
Huawei MC ID. Select an ID. The LEA will be associated with the respective Huawei monitoring center
call content and LI tickets will be routed to the LEA, notifications and alarm messages to the Huawei
monitoring center. If there is an observation referring to the LEA, the Huawei MC ID cannot be
changed; this field is read-only.
HI2 processing server
Figure 3-73: LEA data wizard HI2 processing server

A Huawei C&C08 switch sends IRI records to the LIOS HI2 processing server. LIOS further forwards
the IRI records to the LEA.
A30828-X9410-B082-35-7619
99/185

Issue 35
LIOS server. This is the server that receives IRI records from the Huawei switch. Choose one of the
LIOS servers from the combo box.
HI2 IP address. This field is read-only and is automatically filled with IP address of the chosen HI2
server.
Other LEA-specific settings, e.g. COLP, concern the Huawei monitoring center itself. They cannot be
made in this form but in the LIOS Host Administration/NEs sub-application (by a LIOS administrator).
3.8.2.2.7
Huawei GSM observation parameters
Figure 3-74: LEA data wizard Huawei GSM observation parameters
Huawei LEA ID. Read-only field. Number (generated by LIOS) by which a LEA is known to NEs.
DN of LEA (video content). Optional parameter. Nationally significant directory number (LAC and
DN) of the LEA for the transmission of the video content.
Ticket output format. ETSI and Native format are supported. ETSI is the standard format. Native is
the original ticket format as received from the Huawei GSM switch. The entries in the pull-down menu
of the output format depend on the License.
Output mode. It is possible to select Combined or Split. Combined means that the call content
information will be transmitted to the LEA as the sum of information of the call contents of user A and
user B. Split means that the A-side and B-side call content information will be transmitted separately to
the LEA.
100/185
A30828-X9410-B082-35-7619

Issue 35
3.8.2.2.8
Mediation Device (Siemens IP) observation parameters
Figure 3-75: LEA data wizard Mediation Device (Siemens IP) observation parameters
This form is provided for specifying the delivery data of the LEA, i.e. IP address, port and protocol to be
used.
LEA ID. Name of the LEA. Read only.
The following parameters are optional:
User. Enter a user name.
Accepted input: a...z, A...Z, 0..9, %.#*+"!$()<>,_/-?:;=&.
Password. Enter a user-defined password.
Accepted input: a...z, A...Z, 0..9, %.#*+"!$()<>,_/-?:;=&.
Confirm. Retype the password.
The following parameters are mandatory:
IP address. LEA IP address to which the data will be delivered.
Accepted input:
IP address format (4 times 0255 separated by dots, e.g.: 155.12.0.104).
IP port. Port through which the data will be sent to the LEA.
Protocol. Protocol used for data delivery.
One record can be specified for the protocol XML_GE.
Five records can be specified for the protocols Siemens_Proprietary and ETSI_IP.
Select one of the following protocols:
XML_GE (XML Germany)

Siemens_Proprietary
A30828-X9410-B082-35-7619
101/185

Issue 35
ETSI_IP
Directory. A valid FTP address for delivering tickets.
Accepted input: a...z, A...Z, 0..9, %.#+!$(),_-;=&.
Add. Enter IP address, IP port and select a protocol. Press Add. The data you have entered is copied
into the list below.
Modify. You can modify the IP address and the IP port. The Protocol can not be modified. Select the
delivery data record you wish to modify (radio button). Enter IP address, IP port. Press Modify. The
selected delivery data record will be replaced with the data entered in the input fields above.
Delete. Select the delivery data record you wish to delete. Press Delete. The selected delivery data
record will be deleted (the number on the left will remain visible).
3.8.2.2.9
Nortel Fixed (LIM) observation parameters
Figure 3-76: LEA data wizard Nortel Fixed (LIM) observation parameters
DN of LEA (call content). Mandatory parameter. Call content destination. Nationally significant
directory number (LAC and DN) of the LEA for the transmission of the call content.
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with
#.
DN of LEA 2 (call content). Optional parameter. Alternative number, which can be used as LEA
identification (COLP feature).
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with
#.
Ticket output format. The ticket format provided is ETSI V2.1 National A (i.e. ETSI V2.1 with
national parameters for Austria).
LIM LEA ID. LEA identification in the LIM system. Mandatory parameter; must be unique. Accepted
input: A-Z and 0-9. Length: 4-16 characters.
3.8.2.2.10
Utimaco IMS observation parameters
Figure 3-77: LEA data wizard Utimaco IMS observation parameters
102/185
A30828-X9410-B082-35-7619

Issue 35
The communication data you enter on this page will be sent to IMS telling it where the intercepted
information should be sent. For the routing of IRI records (tickets), IMS uses its own mediation function
IRI records do not reach LIOS.
Transport of IRI records. Choose a transfer protocol and a transport system from the pull-down list.
Depending on your choice, additional fields will be displayed.
The options are FTAM/X.25, FTAM/IP and FTP. Additional fields depending on your choice will be
displayed (see Figure 3-78, Figure 3-79 and Figure 3-80).
Transport of data. This parameter is needed for an observation to be created in a GSM network. It is
automatically set to GTP* (GPRS Tunnelling Protocol) over IP.
IP address. Optional parameter. IP address of the LEAs data recording device.
Transport of voice. This parameter is needed for an observation to be created in a GPRS network. It is
automatically set to ISDN.
DN of LEA. Optional parameter. Nationally significant directory number (LAC and DN) of the LEA for the
transmission of the call content.
1 to 25 hexadecimal digits accepted.
CUG name. If you have entered a DN of LEA for the voice delivery, you can specify a CUG name; select
one from the pull-down list.
FTAM over X.25
Figure 3-78: LEA data wizard IMS, IRI records per FTAM/X.25
User ID. Mandatory parameter with a maximum of 32 characters; all characters accepted except
comma (,), double quote (), tab stop and blank.
Parameter needed for user authentication for the file transfer connection to the LEA. You have to enter
the same user ID that has been specified on the LEA terminal. The file transfer connection from IMS
and the LEA will be opened with this user ID.
Password. Mandatory parameter with a maximum of 32 characters; all characters accepted except
the same password that has been specified on the LEA terminal. The file transfer connection to the
LEA will be opened with this password.
Accepted input:
ASCII: all characters except comma (,), double quote (), tab stop and blank; length: 1 to 19
A30828-X9410-B082-35-7619
103/185

Issue 35
characters.
Hexadecimal: Hexadecimal digits; length: 1 to 38 digits.
Accepted input:
characters.
Accepted input:
characters.
Selector editing. Select ASCII mode or Hexadecimal mode.
Input format for ASCII: all printable characters except comma (,), double quote (), tab stop and blank.
Application entity. Mandatory parameter. The application entity title uniquely identifies an application
(here FTAM) within the system (OSI layer 7). The application entity title consists of application title and
AEQ. Accepted characters: decimal digits and dots; maximum length: 24 characters.
DTE (data terminal equipment) address. Mandatory parameter. Specifies the X.25 address for
routing. Maximum input: 25 digits.
FTAM over IP
Figure 3-79: LEA data wizard IMS, IRI records per FTAM/IP
The FTAM parameters are described above.
IP address. Mandatory parameter. IP address of the LEA terminal (LEMF) for IRI record reception.
FTP
104/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-80: LEA data wizard IMS, IRI records per FTP
User ID. Mandatory parameter with a maximum of 32 characters; all characters accepted except
the same user ID that has been specified on the LEA terminal. The file transfer connection to the LEA
will be opened with this user ID.
Password. Mandatory parameter with a maximum of 32 characters; all characters accepted except
the same password that has been specified on the LEA terminal. The file transfer connection to the
LEA will be opened with this password.
IP address. Mandatory parameter. IP address of the LEA terminal (LEMF) for IRI record reception.
IRI record subdirectory on LEA terminal. Optional parameter. Subdirectory on the LEA terminal
(LEMF) to which IRI records will be written. All characters are accepted except backslash (\).
3.8.2.3
LEA communication parameters
The following forms are only visible if a profile has been defined for Siemens Fixed (e.g. EWSD,
hiQ/E9200), Siemens Fixed (hiQ4200/8000), Siemens Mobile, Alcatel Fixed or Nortel Fixed (LIM), ).
Transfer protocol and authentication
Figure 3-81: LEA data wizard transfer protocol

The Transfer protocol page may not be available in LIOS Admin mode.
Choose whether FTAM or FTP should be used as file transfer protocol for the transfer of tickets to the
LEA. The form also contains the OSI parameter input fields for configuring FTAM. For information
concerning the parameters to enter contact the administrator of the LEA terminal.
A30828-X9410-B082-35-7619
105/185

Issue 35
File transfer mode

Select either FTAM or FTP as file transfer protocol. If you select FTAM, the FTAM selectors section (see
below) is displayed, which you have to fill in.
(As regards active/passive FTP, see 4.11.)
Ticket subdirectory on LEA terminal. Subdirectory on the LEA terminal to which tickets will be
written. Accepted input characters are capital and small letters, digits, minus (-), underscore and dot.
Authentication
User ID. Mandatory parameter. Parameter needed for user authentication for the file transfer
connection to the LEA. You have to enter the same user ID that has been specified on the LEA
terminal. The file transfer connection to the LEA will be opened with this user ID.
Maximum length: 20 characters;
Accepted input: all characters, except blank.
Password. Optional parameter. Parameter needed for user authentication for the file transfer
connection to the LEA. You have to enter the same password that has been specified on the LEA
terminal. The file transfer connection to the LEA will be opened with this password
Maximum length: 20 characters;
Accepted input: all characters.
Confirm password. Retype the password.
FTAM selectors (only when FTAM is selected as file transfer mode)
Figure 3-82: LEA data wizard FTAM selectors

The FTAM selectors are mandatory OSI parameters for the FTAM communication. Specify the transport,
session and presentation selectors in accordance with the LEA.
Accepted input:
ASCII: all characters, except blanks; length: 1 to 8 characters.
Accepted input:
Accepted input:
106/185
A30828-X9410-B082-35-7619

Issue 35
Selector editing. Select ASCII mode or Hexadecimal mode.

Input format for ASCII: all printable characters, incl. space.
FTAM application entity title
The application entity title uniquely identifies an application (here FTAM) within the system (OSI layer
7). The application entity title consists of application title and AEQ.
Application title (or application process title). Mandatory parameter.
It contains system title and APQ
value range: 0 to 9999999; parameters should be linked with &. Value range: for 1st component: 0, 1,
2; for 2nd component: 0 to 39. Maximum lengths: 68 characters.
APQ (application program qualifier): 4 digits max.
AEQ (application entity qualifier). Optional parameter; 4 digits max.
Transport system
The Transport System form contains details concerning the transport mechanism and the connection to
the LEA (OSI layers 1-3). These details have to be provided by the LEA.
As regards the transport system, you can choose between IP and X.25. The appropriate input fields will
be displayed.
Parameter for IP
Figure 3-83: LEA data wizard transport system (IP)

IP address. IP address of the LEA. The port number is automatically set to default.
A30828-X9410-B082-35-7619
107/185

Issue 35
Parameters for X.25
Figure 3-84: LEA data wizard transport system (X.25)

DTE (data terminal equipment) address. Specifies the X.25 address for routing. Mandatory
parameter. Maximum input: 14 digits if AFI is set to 36, otherwise 15 digits. If you press the Tab key
after entering the DTE address, the DTE address is automatically copied into the IDI field of the NSAP
address.
NSAP (network service access point) fields
AFI. Address facility identification (enter 36 for X.25 address format, 44 for ISDN address format or 48
for local X.25).
IDI. Initial domain identifier.
DSP. Domain-specific part, has to be specified in accordance with the LEA.
Mandatory parameters, only decimal digits are allowed. If AFI is set to 36 (NSAP for X.25), the fixed
length for the IDI field is 14 and the maximum length for the DSP field is 24.
If AFI is set to 44 (NSAP for ISDN), the fixed length for the IDI field is 15 and the maximum length for
the DSP field is 23. If AFI is set to 48, the IDI field is ignored and the maximum length for the DSP field
is 38.
The window size is always fixed at 7 and the packet size is always fixed at 1024.
3.8.3
Communication settings
If the sending of LI tickets to LEAs fails (e.g. connection problem), LIOS will make further attempts. In the
Communication Settings form you can set timers and counters for the transfer of LI tickets in case of
error. The communication settings control the transfer to all LEAs; settings for individual LEAs are not
possible.
Ticket retry timer (min). Waiting time (in minutes) before another file transfer will be attempted. Range:
1 to 100.
Ticket time period (hours). Length of time (in hours) during which file transfer attempts will be made.
Range: 1 to 70.
108/185
A30828-X9410-B082-35-7619

Issue 35
Figure 3-85: Communication Settings form (LEAs)
3.8.4
Check LEA modification
A LEA modification affects all NEs/OS servers on which there are observations that regard the LEA (an
MML command is sent to all NEs/OS servers involved). It can happen, however, that the modification has
not taken effect on all NEs/OS servers so that there are different versions of the LEA at the same time.
The Check LEA modification command enables you to perform a check and, in most cases, offers you a
repair operation.
Figure 3-86: Check LEA modification

Commands
Repair. A repair operation is started the LEA modification is repeated on the NEs/OS servers where
it has failed.
Abort. The repair operation is stopped no more MML commands regarding the current LEA
modification will be sent to the NE/OS server. After that the LEA will most likely not be in Consistent
state.
With Abort you can cut off the current LEA modification operation when it has become obvious that it
will not solve the problem.
Back. The LEA Administration main page is displayed again.
3.1.1.3.
Table columns
NE/OS server name. Name of NE or OS server on which there are observations assigned to the LEA.
LEA modification command state. State in which the LEA modification command is on the NE/OS
server.
States:
Waiting
. The LEA modification command is waiting for being processed by the NE/OS server.
A30828-X9410-B082-35-7619
109/185

Issue 35
Checking LEA state

checked now.
. The current LEA state was received from the NE/OS server and will be
Processing. Processing refers to the state of a LEA modification on the NE/OS server.
The percentage displayed reflects the progress of the operation (successful or unsuccessful).
OK
Failed
. The LEA has been successfully modified on the NE/OS server.

. The LEA modification has failed.

View reason. Reason why LEA modification on the NE/OS server has failed. If the reason is
given, a repair is normally possible.
3.9 LEA Administration: CUGs

The CUGs sub-application of the LEA Administration enables you to administer closed user groups
(CUGs) for LEAs. Setting up LEAs in CUGs protects them from interception and from being intentionally
blocked by external calls.
Up to 15 LI-specific closed user groups (LI CUG) can be set up on EWSD, hiQ/E9200 and MSC switches.
A LEA can be a member of only one CUG per profile (EWSD, hiQ/E9200 and MSC).
Up to 99 closed user groups can be set up on an Alcatel S12 switch.
For Utimaco IMS, LEAs can be set up in CUGs to allow delivery of intercepted voice data.
Figure 3-87: LEA Administration: CUGs

New CUG. The CUG data form (see 3.9.1) is opened, where you can enter the data for the new CUG
to be set up.
Delete CUGs. Selected CUGs are deleted.
Before you can use this command, you must select one or more CUG records. Records will only be
If a CUG still has LEAs assigned to it, it cannot be deleted.
3.1.1.3.
110/185
A30828-X9410-B082-35-7619

Issue 35
Table
The table provides you with an overview of CUG information; it does not contain all details. For a detailed
view, click on the CUG name (hyperlink) in the first column.
Table columns
CUG name. CUG name.
NE type. NE type for which the LI CUG can be used.
Remark. Remark entered.
Modify CUG. The CUG data form (see 3.9.1) is opened, where you can modify the CUG
record. The CUG name cannot be changed the corresponding field is read-only.
Copy CUG. The CUG data form is opened. It contains the values of the selected CUG record.
You can modify these values at least you have to enter a new CUG name.
Delete CUG. The CUG record is deleted.
Display LEAs. The LEAs contained in the selected LI CUG are displayed. To assign a LEA to
an LI CUG, start the LEA data wizard (see 3.8.2). With regard to Alcatel S12, a LEA cannot be
assigned to an LI CUG because on Alcatel S12 the observation itself is assigned to an LI CUG.
3.9.1
CUG data form
To open the CUG data form, select new CUG, modify CUG or copy CUG.
The CUG data form is provided for creating, modifying and copying LI CUG records.
CUG parameters
Figure 3-88: LEA Administration: CUG parameters
A30828-X9410-B082-35-7619
111/185

Issue 35
The format of the entered data specifies for which NE type the LI CUG can be used. If the LI CUG
satisfies validation conditions for all NE types, then it can be used without constraints by all observations.
The following conditions apply to the specific NE types:
To assign members to a closed user group, use the Observation form, NE-specific parameters, of the
LEA data wizard (see 3.8.2).
CUG NE type. Mandatory parameter. Select an NE type for the CUG. The CUG parameters vary
depending on the NE type.
CUG name. Mandatory parameter. Name of LI closed user group. The CUG name must be unique in
the LIOS system.
EWSD, hiQ/E9200, MSC and Utimaco IMS: 15 characters max., all characters incl. special characters
accepted.
Alcatel S12: 8 characters max.
The LI CUG name must be unique in the LIOS system.
CUG index. EWSD, hiQ/E9200 and MSC: Mandatory parameter. Closed user group index; 2
characters max., decimal numbers, range: 1 to 15. Whether an LI CUG index can be used, depends
on the configuration of the NE.
Alcatel S12 and Utimaco IMS: not used.
CUG ILC. CUG interlock code. EWSD, hiQ/E9200, MSC and Utimaco IMS: Mandatory parameter.
Closed user group interlock code for the call content connection between the intercepting NE and the
LEAs access. If no call content connection is established, this entry is without any effect. Decimal
number. Range: 0 to 65535 (EWSD and hiQ/E9200); 1 to 65535 (Siemens Mobile and Utimaco IMS).
Alcatel S12: not used.
CUG DNIC. CUG data network ID. EWSD, hiQ/E9200 and MSC: Optional parameter. Closed user
group data network identification code for the call content connection between the intercepting NE and
the LEAs access; range: decimal number, 1 to 9999.
For Utimaco IMS mandatory. For Alcatel S12: not used.
Remark. Optional parameter. Maximum length: 50 characters.
3.10 About alarms

3.10.1 LIOS alarm concept
Alarm categories
The LIOS alarm concept distinguishes between LI NE alarms, which are sent by an NE, and LIOS
alarms, which concern LIOS itself.
LIOS alarms that do not refer to a specific observation or LIOS operator group are so-called global
alarms, which can be viewed in the Alarm browser. All other alarms refer to operator groups and are
therefore called group alarms. They can be also viewed with the Alarm browser.
Alarm format
An alarm consists of an alarm code and an alarm text, which contains a short text and a description (=
long text). It can also include a comment (annotation) written by a LIOS user.
The alarm code is organized as follows:
112/185
A30828-X9410-B082-35-7619

Issue 35
Format: A-BBB-NNNNN
Alarm number
Subgroup
I for interception
Main group
Alarm origin
A for alarm
Alarm origin
The alarm origin is identified by three letters.
The 1st letter (main group) identifies the originating system:
O
for operation system (= LIOS) alarm
for NE alarm (E stands for EWSD, hiE/Q9200 and Alcatel S12)
for NE alarm (H stands for hiQ4200/8000)
for NE alarm (L stands for LIM)
for Mediation Device alarms (M stands for MD)
for NE alarm (S stands for IN)
The 2nd letter identifies the origin of the alarm:

I
for Interception
The 3rd letter (subgroup) is reserved for future use.

Alarm number
A sequential numbering of alarm types of the same main group (five digits).
Alarm and alarm type
In a LIOS context there is a difference between alarm type and alarm. Strictly speaking, what is specified
by the alarm code is the alarm type. An alarm, on the other hand, is the individual instance of an alarm; it
contains generation date and time and a sequential identification number (alarm ID).
If some types of LI NE alarms are not to be processed by LIOS, they can be selectively excluded.
Attention: this should be done only by authorized personnel. Alarms of these types will not be written to
the LIOS database. For details see the LIOS User Manual Administrator, Chapter 4.
A30828-X9410-B082-35-7619
113/185

Issue 35
3.10.2 Alarm states

open
1
3
in progress
LIOS user* name
closed
LIOS user* name
* Can be different users.
Figure 3-89: Changes of alarm states
Open. An alarm has occurred but no LIOS user has dealt with it yet.
In progress. The alarm is being dealt with by a LIOS user; the LIOS user has taken over the alarm
(1). The name of the LIOS user appears in the Responsible field.
Closed. The error underlying the alarm was corrected; the LIOS user responsible has closed the
alarm (2 and 3). The name of the LIOS user appears in the Responsible field.
3.10.3 Alarm categories
3.10.3.1 LI NE alarms
LI NE alarms are generated by the NEs (not by all NE types) and concern the LI functionality of the NE.
Most LI NE alarms are group alarms, i.e. they refer to a specific observation or LIOS operator group (a
LIOS operator can only view group alarms that address his own group). Exceptions are A-EIM-00002
(Massive DN modification) and A-EID-00008 (LI database lost), which are global alarms, i.e. they reach
all LIOS operator groups.
If certain LI NE alarms are not shown in the browser, they may have been precluded on system level from
being processed by LIOS (for details see the LIOS User Manual Administrator, Section 4.6).
The LI NE alarms that are of interest to LIOS are mentioned in the following chapters.
NOTICE REGARDING EWSD V17 and V18 ALARM RECORD LAYOUT:

EWSD V17 and V18provides a new alarm record layout in addition to the old one. LIOS can receive and
handle alarm records of the new and the old layout. To change the alarm record layout, the EWSD LI
options have to be modified.
3.10.3.1.1
LI NE alarms from EWSD, hiE/Q9200 and Alcatel S12
Alarm code
A-EIA-00010
A-EID-00008
Short text
No answer from
LEA
LEA busy
LEA connection
failure
LI database lost
A-EIG-00005
CUG error
A-EIB-00009
A-EIC-00011
114/185
Long text
No answer from LEA. Contact the NE system administrator.
LEA is busy. Contact the NE system administrator.
LEA connection failure. Contact the NE system administrator.
All LI data is lost; the NE is locked. Please launch the Observation Manager
and effect DB Alignment.
User data transmission problems: CUG error. Contact the NE system
administrator.
A30828-X9410-B082-35-7619

Issue 35
Alarm code
A-EII-00003
Short text
DN modification
A-EIK-00007
Lack of resources
A-EIL-00001
New location for DN
A-EIM-00002
Massive DN
modification
A-EIM-00004
New MSN creation
A-EIO-00006
COLP error
A-EIR-00000
DN removed
A-EIS-00012
A-EIU-00013
A-EID-00014
LEA setup failure

User-to-User3
overflow
Soft isolation
A-EID-00015
Activate switch
Long text
Modification of subscriber number. The state of the observation has been set
to ABORTED.
User data transmission problems (lack of resources). Contact the NE system
administrator.
Intercepted subscriber has new location on the NE. The observation is still
active. For details contact the NE system administrator.
Massive modification of subscriber numbers. The observations concerned
are still active on the NE. To synchronize the NE and the LIOS databases
(i.e. update the subscriber numbers in the LIOS database) start the
Observation Manager and effect DN Synchronization. Until the
synchronization has finished, the NE is locked for any other operation.
New multiple subscriber number (MSN). Contact the NE system
administrator.
User data transmission problems: COLP error. Contact the NE system
administrator.
Intercepted subscriber deleted/removed. The state of the observation has
been set to ABORTED.
General LEA setup failure. Contact the NE system administrator.
User-to-User3 overflow. Contact the NE system administrator.
Switch changes state to Soft isolation. Switch LI database is not cleared. No
new call is triggered, but calls in progress are not affected.
Switch changes state from Suspended or Soft Isolation to Ready.
Table 3-2: NE LI alarms from EWSD, hiE/Q9200 and Alcatel S12
3.10.3.1.2 LI NE alarms from LIM

Alarm code
A-LIM-01000
A-LIM-01001
A-LIM-01101
A-LIM-01102
A-LIM-01103
A-LIM-01104
A-LIM-01105
A-LIM-01106
A-LIM-01107
A-LIM-01108
A-LIM-01109
A-LIM-01110
A-LIM-01111
A-LIM-01112
A-LIM-01113
A-LIM-01114
A-LIM-01201
A-LIM-01202
A-LIM-01203
A-LIM-01204
A-LIM-01205
A-LIM-01206
A-LIM-01207
Short text
Unknown NE
Unknown DN
No answer from LEA
LEA is busy
LEA connection
failure
LI database lost
CUG error
DN modification
Lack of resources
New location for DN
Massive DN
modification
New MSN creation
COLP error
DN removed
LEA setup failure
User-to-User3
overflow
NE currently not
reachable
Line equipment
number - Site not
found
CLLI not found
Line equipment
number - Site is not
of the Type DN
ADD command on
switch failed
SURV ACT
command on switch
failed
SURV DEACT
A30828-X9410-B082-35-7619
Long text
Unknown NE
Unknown DN
No answer from LEA
LEA is busy
LEA connection failure
LI database lost
CUG error
DN modification
Lack of resources
New location for DN
Massive DN modification
New MSN creation
COLP error
DN removed
LEA setup failure
User-to-User3 overflow
NE currently not reachable
Line equipment number - Site not found.
CLLI not found

Line equipment number - Site is not of the Type DN.
ADD command on switch failed

SURV ACT command on switch failed
SURV DEACT command on switch failed
115/185

Issue 35
Alarm code
A-LIM-01208
A-LIM-01209
A-LIM-01210
A-LIM-01211
A-LIM-01212
A-LIM-01213
A-LIM-01214
A-LIM-01215
A-LIM-01216
Short text
command on switch
failed
DEL command on
switch failed
Connection to NE
failed
Too may
observations on this
NE
DN does not match
Line equipment
number - Site
NE reports error
Connection to LIOS
lost
Internal LIM Error
LISTObservation
command on switch
failed
Observation is not
active
Long text
DEL command on switch failed

Connection to NE failed (Config Error)
Too may observations on this NE
DN does not match Line equipment number - Site.
NE reports error
Connection to LIOS lost; some StatusObervation failed
Internal LIM Error
LISTObservation command on switch failed
Observation is not active anymore
Table 3-3: NE LI alarms from LIM
3.10.3.1.3 LI NE alarms from HiQ4200/8000

Alarm code
A-HIQ-00001
Short text
Switch can not
establish call content
link towards LEA
Long text
It is not possible to set up CC link towards LEA. A failure reason is provided
in alarm description
Table 3-4: NE LI alarms from hiQ4200/8000
3.10.3.1.4 LI NE alarms from IN@vantage

The following IN NE alarms are supported:
Alarm code
A-SIN-00001
A-SIN-00002
Short text
Too many
observations
Forbidden attempt
detected
Long text
The maximum number of administrated observations has been reached.
The cache configuration differs from the actual one. This can result in
inconsistencies in the database.
Table 3-5: LI NE alarms from IN@vantage
3.10.3.1.5 LI NE alarms from Mediation Device (Siemens IP)

The following LI NE alarms for Mediation Device are supported:
Alarm code
A-MIP-00090
A-MIP-00091
A-MIP-00092
A-MIP-00093
Short text
Mediation Device critical error!
Mediation Device
error!
Mediation Device warning
Mediation device LI
info
Long text
The Mediation Device has detected an critical error during execution of a
message.
The Mediation Device has detected an error during execution of a
message.
The Mediation Device has detected awarning during execution of a
message.
The Mediation Device has sent LI interface relevant information
Table 3-6: LI NE alarms from Mediation Device (Siemens IP)
116/185
A30828-X9410-B082-35-7619

Issue 35
0.1.1.1
LIOS alarms
LIOS alarms are generated by the LIOS system, owing to errors detected during the running of LIOS
itself. LIOS alarms have the letter O (standing for operation system) at the second position of the alarm
code.
Most LIOS alarms are global alarms, i.e. they reach LIOS operators of all operator groups. An exception
is A-OIF-00008 (Observation error), which is a group alarm.
LIOS alarms are the following:
Alarm code
A-OIF-00001
Short text
File transfer
connection error
A-OIF-00003
Ticket file transfer

error
A-OIF-00004
MC file sending error
A-OIF-00007
LEA data not found
A-OIF-00008
Observation has been

aborted
LI observation
unknown
A-OIF-00009
A-OIF-00011
A-OIF-00012
A-OIF-00013
Ticket buffer file

detected
Ticket buffer file
transfer OK
File transfer error
from/to NE
A-OIF-00014
Unknown NSAP
received
A-OIF-00015
Observation group
authorization failed
Important ticket
routing message
Received ticket file
cannot be saved into
LIOS
Ticket file cannot be
created
A-OIF-00016
A-OIF-00017
A-OIF-00018
A-OIF-00019
A-OIF-00020
A-OIF-00021
Problem with
processing of the
observation
Security activation
problem.
Could not identify NE.
A30828-X9410-B082-35-7619
Long text
File transfer connection to the LEA failed: received LI tickets (LI records)
could not be transferred to the LEA because of a connection error. Please
check the transport system and OSI parameters for the specified LEA (LEA
Administration). If the parameters are correct, check if the responder on the
remote system (LEA) is available. For further instructions see also the LIOS
Trouble-Shooting Guide.
File transfer to LEA has failed. Please check the transfer protocol of the
LEA (LEA Administration). Make sure that user ID and password used for
file transfer are correct. For further analyses see also the LIOS TroubleShooting Guide.
File transfer failed to send file to MC. Please check the transport system
parameters of the MC (MC Administration). Make sure that user ID and
password used for file transfer are correct.
LEA data not found in database (LEA data inconsistency): the received LI
ticket (LI record) contains a DNREC (DN of the record connection) which
cannot be related to any LEA entry in the database. This can happen when
the LIOS and the NE databases are not in line or when LIOS has received
an LI ticket of an observation which has not been created by LIOS
Observation state has been changed to Aborted. See Archived
Observations for more details.
An LI ticket (LI record) was received which refers to an LI observation
which cannot be found in the database. The reason could be that the LI
observation was not administered through LIOS. If a default LEA has been
specified, the LI ticket is routed to this LEA.
An LI ticket buffer file ('ticket file') has been detected on one NE. File
transfer has been started to retrieve the ticket buffer file.
Information: the ticket buffer file was successfully transferred from the NE
and will be processed.
The file transfer from the NE ended with an error. Please check the X.25
parameters, the OSI parameters and the user authorization parameters of
the FT application for the specified NE (Host Administration). If the
parameters are correct, check whether the FT responder on the remote
system (NE) is available.
A remote system tries to connect to a LIOS server through the LID
application by sending an NSAP (network service access point). The
NSAP, however, cannot be identified within LIOS. Please check if all NE
communication data for the LID application is administered correctly. If the
NSAP is valid, update the respective NE communication data or, if
necessary, add a new NE entry.
Observation group (OBSGRP) password is invalid. Enter the correct
password. If you need help, contact the NE system administrator.
Important message sent from ticket routing service.
The ticket file received by LIOS is either corrupted, has wrong file name or
it is not a ticket file. This file cannot be handled as ticket and was moved
into the ERROR directory (/opt/li/data/ERROR-files)
Ticket file that should be sent to the LEA cannot be created. Ticket
mediation failure or insufficient filesystem permissions prevents the file
creation.
One of the MML commands required for the observation has failed. See the
observation details to identify possible problem. Start the observation check
or repeat the action if necessary.
There is a problem with the security activation on the switch. Please
perform the activation manually.
LIOS received data from an unknown NE. Probably some NE has not
117/185

Issue 35
Alarm code
Short text
A-OIJ-00014
General Job Server

failure.
X.25 link state
changed
LIOS switched to
single database mode
Distributed write error
A-OIX-00001
A-OIX-00002
A-OIX-00004
A-OIX-00007
A-OIX-00009
A-OIX-00013
A-OIX-00014
A-OIX-00015
A-OIX-00016
A-OIX-00017
A-OIX-00018
A-OIX-00019
A-OIX-00022
A-OIX-00030
Test alarm
Not enough disk
space
Connection request
rejected by NE
LIOS is running in
single database mode
Observation
inconsistent between
NE and LIOS
Database replication
warning
Long lasting database
lock detected
Frozen database
session detected
In-doubt distributed
transaction detected
Reboot of computer
LIOS license was
modified
A-OIX-00031
LIOS license was not

found
A-OIX-00032
LIOS license
exceeded
A-OIX-00033
LIOS license expired
A-OIX-00043
DB synchronization
failed
Suspend failed during
sending of
ENTROBSID
command
Not enough swap
space
Unauthorized access
Modification of
network observation
failed
Cancellation of
network observation
failed
Creation of network
observation failed
Takeover of network
observation failed
Update of the
observation failed
Modification of an
network observation
A-OIX-00044
A-OIX-00045
A-OIX-00050
A-OIX-00051
A-OIX-00052
A-OIX-00053
A-OIX-00054
A-OIX-00055
A-OIX-00056
118/185
Long text
configured IP address correctly.
General Job Server failure.
X.25 Link state changed. Please check the X.25 link on the LIOS servers
as described in the LIOS Trouble-Shooting Guide
LIOS has switched to single database mode. Switch LIOS back to double
mode! For instructions see the LIOS Trouble-Shooting Guide.
Distributed write error: write operation to all DBs failed. Contact the LIOS
administrator to solve the problem.
Alarm for testing purposes.
Not enough disk space. Contact the LIOS administrator.
The connection request sent to the NE was rejected by the NE because of
a wrong parameter concerning the Application layer. Please check the
corresponding Application Entity Title of the OSI data (Host Administration).
LIOS is running in single database mode. Switch LIOS back to double
mode! Consult the LIOS Trouble-Shooting Guide for instructions.
Observation was inconsistent between NE and LIOS. Consequently the
observation data or state kept in LIOS was modified to match the
observation on the NE.
Possible problem with database replication detected. Please resolve
problem. For instructions see the LIOS Trouble-Shooting Guide.
Long lasting lock was detected. To find out whether the problem was
automatically resolved by LIOS, see the alarm details.
Frozen database session was detected and automatically resolved by
LIOS.
In-doubt distributed transaction was detected and forced either commit or
rollback.
Computer was rebooted.
Creation and modification of observations is not possible because LIOS
license entries were modified. Please contact the LIOS program vendor to
obtain a new LIOS license.
Creation and modification of observations is not possible because LIOS
license entries were deleted. Please contact the LIOS program vendor to
obtain a new LIOS license.
You have exceeded the scope of the LIOS license. You have 20 days to
contact the LIOS program vendor and upgrade the license. Otherwise after
20 days creation and modification of observations will no longer be
possible.
Your LIOS license has expired. Creation and modification of observations
is not possible. Please contact the LIOS program vendor and have the
license upgraded.
DB synchronization failed. For more in-detail information please refer to the
DB synchronization report.
Audit, ID and Group passwords might be lost. Start the Admin Console and
set the NE to 'LIDB lost' state. Otherwise, retry suspend.
Not enough swap space. Contact your LIOS administrator!

An unauthorized access was detected.
One or more child observations of a network observation were not
successfully modified.
successfully canceled. You can cancel these child observations explicitly.
successfully created.
successfully taken over.
The observation state was not successfully updated owing to a database
problem. Please check the observation.
One or more child observations are in Undefined state. Please perform the
observation check on all undefined child observations and try again.
A30828-X9410-B082-35-7619

Issue 35
Alarm code
A-OIX-00057
A-OIX-00060
A-OIX-00061
A-OIX-00071
A-OIX-00100
A-OIX-00101
A-OIX-00102
A-OIX-00103
A-OIX-00104
A-OIX-00200
A-OIX-00201
A-OIX-00202
A-OIX-00203
A-OIX-00204
A-OIX-00205
A-OIX-00207
A-OIX-00200
A-OIX-00201
A-OIX-00202
A-OIX-00203
A-OIX-00204
A-OIX-00205
A-OIX-00207
A-OIN-01001
Short text
cannot be performed
Observation does not
exist on the switch.
External Alarming
Identifier <name> is
unknown in External
Alarming
Transfer error to
External Alarming.
Change call data IP
address
Alarm from Huawei
CC08 switch.
Change HI2
processing server for
LEAs (in Huawei
Fixed profile).
Change HI1
processing server for
NEs (in Huawei Fixed
profile).
Modification of
parameters of
MCCFG entity failed.
Modification of
general parameters
failed.
Multiple interception
impossible
Too many subscriber
for this IMS LEA
New password not
allowed
Login failed
User locked
Feature not enabled
MC in use
Multiple interception
impossible
Too many subscriber
for this IMS LEA
New password not
allowed
Login failed
User locked
Feature not enabled
MC in use
HTTP Server not
started
Long text
Observation does not exist on the switch.
The corresponding External Alarming Identifier is unknown in the External
Alarming application and the state for this External Alarming Identifier is set
to inactive. Please contact the External Alarming Administrator to check the
name.
The connection to the External Alarming application failed, please check
the states of the External Alarming processes.
It is not possible to received tickets on one LIOS server. Please modify call
data IP address of LEAs so that it corresponds to other LIOS server.
Huawei CC08 switch has generated an alarm. Please see alarm
description for alarm details.
It is not possible to receive tickets on one LIOS server. Please modify HI2
processing server of LEAs so that it corresponds to other LIOS server.
It is not possible to receive alarms and notifications on one LIOS server.

Please modify HI1 processing server of NEs so that it corresponds to other
LIOS server.
Modification of parameters of MCCFG entity failed.',
'It is not possible to change modified parameters on the switch. Please
repeat the modification.
It is not possible to change modified parameters on the switch. Please
repeat the modification.
The same subscriber is already intercepted by another LEA, and the
maximum number of concurrent interceptions has been reached.
The maximum number of intercepted targets for this IMS LEA has been
reached. The maximum number can be changed by the IMS administrator
or choose a new IMS LEA name.
The new pasword violates the IMS password rules.
The login to the IMS has failed. Wrong user or password.
The login to the IMS has failed. Account is locked.
Execution of the command would require a optional freature on the IMS,
but the feature has not been enabled. e.g. FTP, CUG
The MC cannot be deleted. MC is still in use.
The same subscriber is already intercepted by another LEA, and the
maximum number of concurrent interceptions has been reached.
The maximum number of intercepted targets for this IMS LEA has been
reached. The maximum number can be changed by the IMS administrator
or choose a new IMS LEA name.
The new pasword violates the IMS password rules.
The login to the IMS has failed. Wrong user or password.
The login to the IMS has failed. Account is locked.
Execution of the command would require a optional freature on the IMS,
but the feature has not been enabled. e.g. FTP, CUG
The MC cannot be deleted. MC is still in use.
Jetty HTTP server could not be started.
Table 3-7: LIOS alarms
3.11 Alarm browser

The Alarm browser can be used to view all alarms and to document the processing states of alarms (see
3.10.2).
The LIOS alarm concept (see 3.10.1) distinguishes between LI NE alarms, which are sent by an NE, and
LIOS alarms, which concern LIOS itself.
A30828-X9410-B082-35-7619
119/185

Issue 35
LIOS alarms that do not refer to a specific task or operator group are so-called global alarms. All other
alarms, which refer to operator groups, are group alarms.
Alarm browser sub-applications
Alarms. Viewing and handling of all global alarms and group alarms (see 3.10.1) kept in the LIOS
system.
Alarm types. Alarm types (with alarm codes and short text). In the Alarm types sub-application (see
3.11.3) a LIOS administrator can determine which alarm types should have a high priority. All LIOS
users will be reminded as long as high-priority alarms (VIP alarms) are still pending (i.e. in Open
state). For an explanation of alarm type, see 3.10.1.
Alarm Reminder. If high-priority alarms occur, you are alerted instantly by an exclamation mark ( )
appearing at the bottom left. In fact, the exclamation mark tells you that there are still high-priority alarms
pending (i.e. in Open state or in progress). If you click on an exclamation mark, the Alarm browser is
opened.
Which alarm types should be covered by the Alarm Reminder, can be configured by a LIOS administrator
with the change priority command of the Alarm types sub-application.
If you cannot deal with the alarms immediately and you feel disturbed by the exclamation marks
appearing, switch the Alarm Reminder off (Alarm Reminder on/off command).
3.11.1 Alarm browser: Alarms

When you start the Alarm browser, the data displayed reflects the default filter settings. If you wish to see
another selection of data, select the Filter command from the application commands bar. A filter form
Figure 3-90: Alarm browser, Alarms

Take over alarms. The alarm state (see 3.10.1) is set to In progress and your user name will appear
in the Responsible field. You can apply this command to alarms that are in Open state ( icon) if you
120/185
A30828-X9410-B082-35-7619

Issue 35
are about to deal with the underlying problem. The icon will change to
more than one alarm at the same time.
. You can change the state of
Close alarms. The alarm state is set to Closed. You can apply this command to alarms that are in In
progress state ( icon) and Open state ( icon) where the problems underlying them have been
solved. The icon will change to . Your user name will appear in the Responsible field. You can
change the states of more than one alarm at the same time.
Alarm Reminder on/off. Toggle switch command. The Alarm Reminder is switched on or off.
Filter. A filter form (Figure 3-92) is displayed, where you can specify which alarms should be
3.1.1.3.
Table
The table provides you with an overview of alarm information; it does not contain all details. For a detailed
view (Figure 3-91), click on the alarm ID (hyperlink) in the first column.
Table columns
Alarm ID. Sequential number that identifies the individual alarm instance.
Time. Date and time when the alarm was generated.
State. State of the alarm.
(For detailed information see 3.10.2.)
Responsible. LIOS user who has taken over or closed the alarm.
Alarm type. Alarm code that identifies the alarm type (for an explanation of alarm type see 3.10.1).
Short text. Brief alarm information.
External alarming state (optional): State of the alarm message with respect to external-alarming. If
the field is empty, the alarm was not handled by PIMS. The external-alarming state can be:
Sent. The alarm message was sent to the PIMS application for all external-alarming identifiers
that are administered for this alarm type.
Error. The alarm message could not be sent to the PIMS application.
Partly. The alarm message was sent to the PIMS application for some, but not for all externalalarming identifiers administered.
No recipient defined. No external-alarming identifier has been defined for this alarm type.
Note: The PIMS application has a possibility to log all messages that are sent for an external-alarming
identifier.
Annotated. A check ( ) in this field means that an annotation has been made to the alarm. To read
the annotation, click on the alarm ID, to edit the annotation, click on the Annotation ( ) icon in the
Actions column.
Annotation. The Annotation form is displayed, where you can read and edit an annotation
made to an alarm or add one yourself. The annotation is saved in the database. An annotation to
an alarm can be made by any LIOS user, not only by the one identified in the Responsible field.
Take over alarm. The alarm state is changed to In progress. You can apply this command to
an alarm that is in Open state ( icon) if you are about to deal with the underlying problem.
A30828-X9410-B082-35-7619
121/185

Issue 35
Close alarm. The alarm state is changed to Closed. You can apply this command to an alarm
that is in In progress state ( icon) and Open state ( icon) where the problems underlying
them have been solved.
Figure 3-91: Alarm details
122/185
A30828-X9410-B082-35-7619

Issue 35
3.11.2 Alarm filter

Figure 3-92: Alarm filter

and push buttons see 3.1.3.1.State. State of the alarm.
(For detailed information about alarm states see 3.10.2.)
Responsible. LIOS user who has taken over or closed the alarm.
Source. LIOS server where the alarm has originated.
NE/OS server name. Name of NE or OS server on which the observations were created.
LEA name. Law enforcement agency.
Observation ID. Sequential number that uniquely identifies the observation.
LIOS operator. LIOS operator who owns the observation.
Operator group. LIOS operator group to which the observations belong.
It is possible to filter for global alarms and for group alarms of an operator group.
For global alarms select system in the Operator group field.
For group alarms select a specific operator group in the Operator group field (only the
alarms of the selected operator group are shown).
A30828-X9410-B082-35-7619
123/185

Issue 35
3.11.3 Alarm browser: Alarm types

In the Alarm types sub-application, a LIOS administrator can determine which alarm types should have a
high priority. All LIOS users will be reminded as long as high-priority alarms (VIP alarms) are still
pending (i.e. in Open state).
When you start the Alarm browser (Alarm types), the data displayed reflects the default filter settings. If
you wish to see another selection of data, select the Filter command from the application commands bar.
A filter form appears, where you can specify criteria for the data to be displayed.
Figure 3-93: Alarm browser: Alarm types

Change priority. Toggle switch command. The priority of the alarm type is changed from high to low
and vice versa. If an alarm type has high priority, you, LIOS operators and supervisors will be informed
immediately when an alarm of this type occurs and reminded as long as it is pending (i.e. in Open
state or in progress): an exclamation mark ( ) appears in the users browser window.
Filter. A filter form (Figure 3-95) is displayed, where you can specify which alarm types should be
3.1.1.3.
Table
The table provides you with an overview of alarm type information; it does not contain all details. For a
detailed view (Figure 3-94), click on the ID (hyperlink) in the first column.
124/185
A30828-X9410-B082-35-7619

Issue 35
Table columns
Short text. Brief alarm information.
High priority. A check mark in this column indicates that the alarm type has high priority: High-priority
alarms are covered by the alarm reminder.
Change priority. Only for LIOS administrators. Toggle switch command. The priority of the
alarm type is changed from high to low and vice versa.
By clicking on the Alarm type in the Alarm browser the details of the alarm type are shown.
Figure 3-94: Alarm type details Alarm type filter
Figure 3-95: Alarm type filter

Alarm category. See 3.10.3.
LIOS alarms. LI alarms generated by LIOS.
A30828-X9410-B082-35-7619
125/185

Issue 35
NE alarms. LI alarms generated by NEs.

126/185
A30828-X9410-B082-35-7619

Issue 35
3.12 MML Handling

3.12.1 MML command states
State changes during the sending of MML commands
1
6
queued
aborted
canceled
4
running
3
7
finished
undefined
Figure 3-96: MML command states
Queued. The MML command is queued in the LIOS system and waits for session establishing (1).
Running. The MML command has been sent to the NE and is being processed on the NE (2).
Finished (final state). The MML command has been successfully processed on the NE (3).
Canceled (final state). The MML command was canceled by the NE because of some errors (e.g. invalid
parameters etc.) (4).
Aborted (final state). The MML command was aborted by LIOS because of a fatal error (e.g. connection
problems) (5 and 6).
Undefined. The communication with the NE was interrupted after the command was submitted LIOS
has not received a response from the NE. (7).
3.13 MML console

In some situations you may wish to send single commands to an NE or OS; this you can do from the
MML console.
The commands will normally be MML commands. If, however, the communication with an NE or OS
requires a different language (e.g. XML), the MML console provides commands that look like MML but
that are subsequently transformed to the language required. In any case, use the MML console and use
the commands provided.
For information that applies to the LIOS GUI in general, choose Help from the navigation menu on the
left.
When you have started the MML console, you also have to connect to an NE/OS server. Choose New
connection from the Quick menu a selection form is displayed where you can select an NE/OS server.
After that, all functions of the MML console are available.
A30828-X9410-B082-35-7619
127/185

Issue 35
Selection form
Figure 3-97: Selection form

To select an NE or OS server, you have two options:
Type an NE or OS server name into the Selected field or
Define a filter in the Filter field (wild-cards: * and ?) and press Reload. Then select an NE or OS
server from the list provided.
Finally press Next. The form is closed and a connection for the MML console is established.
Figure 3-98: MML console

From the Quick menu you can choose the following commands:
New connection. A connection to another NE/OS server is set up in addition to the current connection
Clear connection. The currently active connection is closed. The MML console remains open.
Close MML console. The MML console is closed.
The Allowed commands pull-down list contains all MML commands you can use; for a list of MML
commands for LIOS administrators, see 3.13.2. If you are dealing with an old EWSD version, some MML
commands do not work. For detailed information about MML commands see the documentation of the
respective NE/OS server type.
How to enter MML commands is described in Section 3.13.1.
If you wish to send MML commands also to other NEs or OSs, you have to open new connections (Quick
menu/New connection). All connections established will be displayed as different views in the same MML
128/185
A30828-X9410-B082-35-7619

Issue 35
console window. To switch between different connections use the Connected to NE/OS server pulldown list.
Table
Each command you submit during the current session of the MML console is listed in the table of the
MML console.
If you close and reopen a connection to an NE/OS server, the MML console table and the Command
history list are empty again.
If you wish to see the NEs/OSs response, click on the job ID of the respective MML command (Figure
3-99).
The table of MML commands in the MML console window shows only the MML commands entered within
one MML session. This means that after closing and reopening the MML console, the table of MML
commands is empty again. However, all previously sent MML commands are listed in the MML browser
window (see 3.14). (All MML commands are also written to a log file which can be inspected by the LIOS
supervisor.)
All commands are sent within one NE/OS server session.
Table columns
Job ID. Unique MML job identification. If you click on the job ID of a command, a form with the
NEs/OSs response to the MML command appears (Figure 3-99).
CP ID. Sequential number given to the MML command by the coordination processor (CP) of the
NE/OS server.
MML command. Name of the MML command.
NE/OS server name. Name of the NE or OS to which the MML command was sent.
Time. Date and time when the command was sent.
State. State of MML command.
The state can be Queued, Running, Finished, Canceled, and Aborted.
LIOS user. LIOS user who has issued an MML command via Console.
Operator group. Group to which the operator belongs.
Observation ID. Not relevant.
Actions. Not relevant.
A30828-X9410-B082-35-7619
129/185

Issue 35
Figure 3-99: MML console, NE/OS server response

A Refresh button is provided so that the output can be dynamically updated while you are waiting for the
command to finish.
3.13.1 How to enter an MML command
Type the MML command with the parameters required and a closing semicolon into the MML input line
and press the Send button or the Enter key.
If a command requires user interaction or if you have entered a command incomplete, the Prompt form
(Figure 3-100) appears, where the NE/OS server response is displayed and where you are informed
about which parameter you should submit next. Prompting works only in connection with Siemens Fixed,
Siemens Mobile, Siemens hiE and Alcatel S12.
130/185
A30828-X9410-B082-35-7619

Issue 35
In this way you can also have the NE/OS server guide you through the input procedure: enter the
command without parameters and without closing semicolon and press Send. This can come in handy if
you are entering a complex MML command.
Figure 3-100: MML console, Prompt form

Enter the parameter prompted and press OK.
If you press Cancel, the NE/OS server will prompt you to enter the next parameter.
If you enter a semicolon and press OK before you have entered all mandatory parameters, the MML
command will be canceled.
Prompting works differently with Alcatel S12 switches: you have to enter a semicolon after the command
and after each parameter; if you do not, the command is canceled by the switch.
To enter a command you can also choose one from the Allowed commands pull-down list, which
contains all MML commands a LIOS administrator is permitted to use, or from the Command history pulldown list, which contains all MML commands with parameters you have entered in the currently active
view during the current MML console session. The Command history and the Allowed commands
functions are NE/OS-server-type-specific: i.e. depending on the switch or OS type you are communicating
with, the MML commands appropriate for the switch type are provided. If, for example, you are
communicating with an EWSD switch (active view), the Command history list will provide the 20 last
MML commands sent to EWSD switches during the current MML console session.
If prompting does not work, the Web browser you are using may not allow pop-ups received from the
LIOS server. Modify the browser settings.
3.13.2 MML commands for LIOS administrators
As a LIOS administrator you can enter the following MML commands.
Siemens EWSD, hiQ/E9200 and MSC
ACTMOBS
DISPDN
ACTOSITRAC
DISPEXDDAT
ACTX25TRAC
DISPFILE
CANCUG
DISPJOB
CANJOB
DISPLIOPT*
CANMOBS
DISPLNLCKOUT
CANSERVCUG
DISPLTG
CONFX25LINK
DISPMOBS
CRFGRP
DISPMOBSDAT
DISPAPPL
DISPNUC
DISPAUTCL
DISPOBSCALL
DISPCAC
DISPOBSGRP
DISPCONN
DISPOSIADR
DISPCUG
DISPPA
DISPCXDN
DISPPBX
DISPCXPBX
DISPPBXLN
DISPCXPBXLN
DISPPORT
DISPCXSUB
DISPPRO
A30828-X9410-B082-35-7619
DISPSLNACC
DISPSUB
DISPTGRP
DISPTIME
DISPTRUNK
DISPUSERID
DISPV5IF
DISPX25DTE
DISPX25LINK
DISPX25ROUTE
DMPOSITRAC
DMPX25TRAC
ENDSESSION
ENTRCUG
ENTROBSID
ENTRSERVCUG
MODFGRP
MODLIOPT*
MODSUB
MODUSERID
SELMOBS
SETFGRPPW
STATBA
STATDIU
STATDLU
STATDLUMOD
STATDLUPORT
STATLTG
STATPBXLN
STATPORT
STATSSP
STATSUB
STATTRUNK
STATX25DAT
STOPJOB
TESTSUB
131/185

Issue 35
DISPDBSIZE
DISPDLUPORT
DISPPSWDAT
DISPSERVCUG
MODOBSID*
MODPSW
*Not for EWSD V11.

Siemens hiQ4200/8000
GETCALEAINTERCEPT
GETVERSION
These commands are automatically converted by LIOS to XML, which is the format used for the
communication with hiQ4200 and hiQ8000 exchanges.
Siemens IN@vantage
TESTSCP
Siemens IP mediation device
CHANGEPASSWORD
QUERYDCGROUPS
QUERYDCGROUPPROFILE
QUERYLOGFILE
Alcatel S12
DISPLAY-ACTIVE-ALARMS
DISPLAY-CUG
KCC LIM
TESTLIM
This command is automatically converted by LIOS to XML, which is the format used for the
communication with LIM.
Utimaco IMS
MCLIST
Huawei Fixed
SET GP
LST GP
MOD HI2CFG
LST HI2CFG
Huawei GSM
STARTLEA
CLOSELEA
EXITLEA
TEST
For detailed information about MML commands see the documentation of the respective switch or
operation system.
132/185
A30828-X9410-B082-35-7619

Issue 35
3.14 MML browser

The MML browser enables you to view MML commands. The following MML commands can be available
in the MML browser:
"
All MML commands of an Administrator user sent during current and previous sessions via MML
console.
Figure 3-101: MML browser

For information that applies to the LIOS GUI in general, select Help from the navigation menu on the left.
Filter. A filter form is displayed (see chapter 3.14.1), where you can specify which MML command
records should be displayed, and define sorting options.
3.1.1.3.
Table
The table contains all MML commands of an Administrator user sent during current and previous
sessions via MML console.
Table columns
Job ID. Unique MML Job identification. If you click on the job ID of a command, a form with the NEs
response to the MML command appears.
CP ID. Sequential number given to the MML command by the coordination processor (CP) of the NE.
MML command. Name of the MML command.
NE name. Network element to which the command was sent.
Time. Date and time when the command was issued.
State. State of the MML command.
The state can be Queued, Running, Finished, Canceled, Aborted and Undefined.
LIOS user. LIOS user who has issued an MML command via console.
Actions. Not relevant.
3.14.1 MML filter
If you wish to reduce the number of MML jobs displayed, you can define a filter. If a field is empty or not
selected, it has no influence on the filtering process.
A30828-X9410-B082-35-7619
133/185

Issue 35
Figure 3-102: MML filter

NE/OS server name. Network element to which the command was sent.
Command. MML command.
MML command type. This filed allows filtering of jobs from console.
State. State of the MML command.
(For detailed information see 3.12.1 MML command states)
LIOS user. LIOS user who has issued an MML command via console.
134/185
A30828-X9410-B082-35-7619

Issue 35
3.15 EFD Administration

Only for Siemens EWSD and hiQ/E9200.
LI EFDs (Event-Forwarding Discriminators) are mechanisms to be activated on some switch types
(EWSD, hiQ 9200 and hiE 9200) for forwarding LI tickets and LI-specific alarms to LIOS or other systems.
An EFD essentially tells the NE what types of events it should forward and to which destination.
LIOS is interested in two types of events:
Tickets (LI records): containing information related to an intercepted subscriber,
NE alarms (LI infos): alarms raised during LI functionality execution.
The LIOS EFD Administration renders the management of EFDs convenient and gives you a good
overview of EFDs created on the NEs that are connected with the LIOS system.
To manage the communication with an NE and to set up applications for this purpose, use the LIOS Host
Administration. The Host Administration also enables you to set up the EFD application, which is
prerequisite for the LIOS EFD Administration to work.
EFD types
LIOS EFDs. EFDs that have been created by the LIOS EFD Administration and are kept in the LIOS
database; foreign EFDs that have been taken over by the LIOS EFD Administration. LIOS EFDs
always have lawful interception as their objective.
Foreign EFDs. EFDs that were not created by LIOS and that were not taken over by LIOS.
Foreign EFDs can have lawful interception as their objective (i.e. forwarding of LI tickets or NE
alarms); in this case they can be taken over by the LIOS EFD Administration.
Foreign EFDs that have been created for purposes other than lawful interception can be displayed in
the LIOS EFD Administration for informational purposes, but cannot be manipulated.
Whether you can view and handle foreign EFDs, depends on the functional scope of the LIOS system
you are working with (license key).
When you start the EFD Administration, the data displayed reflects the default filter settings. If you wish to
see another selection of data, select the Filter command from the application commands bar. A filter form
Figure 3-103: EFD Administration
A30828-X9410-B082-35-7619
135/185

Issue 35
New EFD. The EFD data wizard (see 3.15.2) is started, where you can enter a new EFD to be
created. The EFD can be created on one or more NEs at the same time.
The newly-created EFDs are automatically marked as LIOS EFDs they can subsequently be
administered through the EFD Administration.
As EFDs are being set up on the NEs one by one, there state changes to OK or, in case of failure, to
Undefined. You are also advised through a summary message whether the creation of EFDs has been
successful.
To find out what has gone wrong with individual EFDs, invoke a Validate operation.
Delete EFDs. Selected EFDs are deleted.
You can only delete LIOS EFDs, i.e. EFDs which were created by the LIOS EFD Administration or
taken over. You can also delete an EFD record which exists in the LIOS database but not on the NE
(Not on NE state).
You will be asked if you really want to delete EFDs. Finally a message confirming the deletion is
displayed.
Ignore EFDs. If EFDs do not interest you, select them and choose Ignore EFDs. EFDs are set to
Ignored state. If you apply Ignore EFDs on LIOS EFDs, they become foreign EFDs and can no longer
be manipulated with the LIOS EFD Administration.
If you have used Ignore EFDs erroneously, you can undo the action with Take over EFDs.
Take over EFDs. Foreign EFDs are taken over and are henceforth LIOS EFDs they can be
manipulated with the LIOS EFD Administration as if they had been created by it.
You can apply Take over only on foreign EFDs that have Lawful Interception (LI) as their objective, i.e.
forwarding of LI tickets or NE alarms. If EFDs have got lost in the LIOS DB and are still kept on the
NE, they are foreign EFDs from the LIOS point of view, although they may have been created by the
LIOS EFD Administration. You can recover them by using Take over.
Validate NEs. LIOS checks whether the EFD is consistent with the EFD currently active on selected
NEs (see 3.15.3).
Filter. A filter form (Figure 3-104) is displayed, where you can specify which EFDs should be
3.1.1.3.
Table
The EFD Administration table provides you with an overview of the EFDs that were created on the NEs
set up in the LIOS system. The table provides you with an overview of EFD information; it does not
contain all details. For a detailed view, click on the EFD ID (hyperlink).
Table columns
EFD ID. Automatically generated by LIOS. It uniquely identifies the EFD within the entire LIOS system.
Discriminator ID. Identifier of EFD, unique on the NE.
NE name. Network element where the EFD has been set up.
Active destination. Currently valid primary address to which events are sent by the NE.
Backup. Fall-back target address for events in case the destination cannot be reached. (In case of
foreign EFDs, it can be more than one address.)
Forwarding. Forwarded events: tickets, NE alarms or both. n/a indicates that the EFD is not a LIOS
EFD.
State. The state of an EFD can be OK, Not in DB, Not on NE, DB != NE; Error, Undefined,
Ignored and Processing.
136/185
A30828-X9410-B082-35-7619

Issue 35
LIOS EFD. A checkmark indicates that the EFD is a LIOS EFD, i.e. it has lawful interception as its
objective and has been created or taken over by LIOS. Otherwise it is a foreign EFD.
This field can be modified only indirectly, through Take-over and Ignore.
Validate. LIOS checks whether the EFD is consistent with the EFD currently active on the NE
(see 3.15.3).
Modify. The EFD data wizard (see 3.15.2) is started, where you can modify the destination
and the backup destination(s) of the EFD You can only modify LIOS EFDs.
Delete. The EFD record is deleted.
Synchronize. The EFD data is read from the NE and written to the LIOS database (DB). If a
Validate operation has revealed discrepancies between NE and LIOS DB, you can apply
Synchronize if the NE data is correct and the LIOS data is faulty.
You can apply Synchronize only on LIOS EFDs.
Align. EFD data is read from the LIOS database (DB) and written to the NE. If a Validate
operation has revealed discrepancies between NE and LIOS DB, you can apply Align if the LIOS
DB data is correct and the NE data is faulty.
You can apply Align only on LIOS EFDs.
Take over. The EFD is taken over.
Ignore. The EFD is ignored.
3.15.1 Filter
Select the view or views you wish to appear in the main window. By setting filter criteria you can restrict
the data to be displayed. If a field is empty or not selected, it has no influence on the filtering process.
Figure 3-104: EFD Administration filter

NE name. Network element.
State. The state of an EFD can be OK, Not in DB, Not on NE, DB != NE; Error, Undefined,
Ignored and Processing.
LIOS EFDs only. Checkbox. If selected, only LIOS EFDs are shown.
3.15.2 EFD data wizard
The EFD data wizard enables you to manage EFDs on all NEs set up in the LIOS system.
A30828-X9410-B082-35-7619
137/185

Issue 35
Common EFD data
Figure 3-105: EFD data wizard common EFD data

NE name. Name of target NE. If you are creating an EFD, select one or more NEs from the available
NEs list (how to shift items between the lists with the arrow push buttons and with the Ctrl and Shift
keys is explained in Section 3.1.2.1).
Discriminator ID. It identifies the EFD on the individual NE; it must be unique only on the NE.
Accepted values: 0 and positive and negative 32-bit integers (value range -2^31-10 to 2^31-1).
State. Read-only field. The state of an EFD can be OK, Not in DB, Not on NE, DB != NE; Error,
Undefined, Ignored and Processing.
Remark. You can add a remark here. 150 characters max. (In the Modify and Details forms this field is
read-only.)
Last validation. Read-only field. Date and time of the last validation of the EFD carried out through
LIOS. (Details form only)
Creation date. Read-only field. Date and time of creation of the EFD carried out through LIOS (Details
form only).
Error report. Read-only field. If an EFD Administration operation has failed, partially or as a whole, an
error report is generated. The error report always refers to the last operation.
138/185
A30828-X9410-B082-35-7619

Issue 35
EWSD-specific parameters
Figure 3-106: EFD data wizard parameters for EWSD and hiQ/E9200
Active destination. Read-only field. LIOS server to which events are being sent by the NE:
application entity title of the LID application set up on the LIOS server.
Destination. LIOS server to which events are normally forwarded: application entity title of the LID
application set up on the primary LIOS server (see 3.6.2). Input format: decimal numbers separated by
dots (e.g. 0.2.262.1.1.9202.16).
Backup destination. LIOS server (fall-back destination) to which events are forwarded if the primary
LIOS server cannot be reached by the switch: application entity title of the LID application set up on
the secondary LIOS server. Input format: decimal numbers separated by dots. (Some foreign EFDs
can have more than one backup destination.)
Tickets (checkbox). If selected, LI tickets (LI records) are/will be forwarded through the EFD.
NE alarms (checkbox). If selected, NE alarms (LI infos) are/will be forwarded through the EFD.
Object class. Read-only field. Object IDs generated by the switch for EFDs..
Name binding. Read-only field. EFD attribute.
Package list. Read-only field. EFD attribute.
A30828-X9410-B082-35-7619
139/185

Issue 35
Confirmed mode. If activated, user requests are confirmed by the NE after execution. Confirmed
mode should always be activated.
Administrative state. Read-only field. The EFD can be in the following administrative states:
Unlocked: processing of the information by the discriminator is permitted by a managing system.
Locked: processing of the information by the discriminator is prohibited by a managing system.
Shutting down: the EFD is not operational owing to a shutdown of the NE.
Operational state. Read-only field. The EFD can be in the following operational states:
Disabled: the discriminator is not operational.
Enabled: the discriminator is operational
3.15.3 Validate
LIOS checks whether EFDs kept in the LIOS database are consistent with EFDs currently active on NEs.
If you wish to validate one or several EFDs, select them. If you wish to invoke a global validation, unselect
all EFD records in the table.
At such a global validation, the following actions are taken:
All NEs available are asked (polling) whether they have EFDs set up on them. The result is compared
with the LIOS database. As regards a LIOS EFD, the discrepancies between an NE and LIOS DB can be
as follows:
1. The EFD is kept on the NE, but not in the LIOS database the Synchronize button is available; the
EFD will be entered in the LIOS database and an annotation will be added which states that the EFD
was originally kept only on the NE.
2. The EFD is kept in the LIOS database but not on the NE the Align button is available; an annotation
will be added which states that the EFD was originally kept only on the NE.
3. The EFD is kept on the NE and in the LIOS database, but its values are not identical the
Synchronize and Align buttons are available; an annotation will be added which states that EFD data
is not identical.
If you use Validate on foreign EFDs, the LIOS database is updated. If the Take-over command is
available, the EFD has lawful interception as its objective and can be taken over.
140/185
A30828-X9410-B082-35-7619

Issue 35
Special working procedures

!
For more detailed information and troubleshooting advice see the LIOS Troubleshooting
Guide.
4.1 Ticket buffer management (only for EWSD and hiQ/E9200)

Only for EWSD switches, version V13A and higher, and for hiQ/E9200. If ticket buffer management has
been activated (see 3.4.6), tickets which cannot be sent to LIOS because of connection problems are
stored in a ticket buffer (= ticket file) on the NE.
LIOS checks every hour whether a ticket buffer has been created by the NE (i.e. whether the connection
was interrupted). The interval of these polling calls can be set in the Host Administration (Communication
Settings form see 3.4.1).
If LIOS detects a ticket buffer file on the NE, it retrieves it via FTAM or FTP, splits it into single tickets and
processes every ticket as usual. After successful data transfer the ticket buffer file is deleted on the NE,
upon request of LIOS.
To enable an NE to create a ticket buffer file, the ticket file feature on the NE must have been activated
REC_IN_FILE must have been set in the LI properties of the NE. If in doubt, contact the NE administrator.
To retrieve ticket buffer data from the NE, the FT application has to be configured. To administer FTAM or
FTP for an NE, use the Host Administration (see 3.4.7).
For each ticket buffer, a password is required. To make password administration as simple as possible,
LIOS allows only one password for all ticket buffers. To administer the password, use the Host
Administration (NE data wizard -> FT Application -> General form -> File group password).
For every OBSGRP, a file group with an associated password has to be created on the NE. Because a
maximum of two ticket buffers can be created for every OBSGRP, the following MML commands have to
be entered twice (for ticket buffer LI.<OBSGRP>.A001 and LI.<OBSGRP>.A002).
For EWSD Classic (file transfer via FTAM), proceed as follows:
1. Check if the ticket file (= ticket buffer) feature of the NE has been activated.
2. From the MML console enter the following MML commands
CRFGRP:FGRP=LI.<OBSGRP>.A001,TYPE=FILEPW,CYCLIC=NO;
SETFGRPPW:FGRP=LI.<OBSGRP>.A001,ACCESS=DEL&RD&WR&CN&CR;
PLEASE ENTER AUDIT PASSWORD# enter File-Access Password
3. In the New NE data or Modify NE data form of the Host Administration, select the Ticket buffer
management activated checkbox.
4. Choose NE/Communication settings. In the Ticket buffer configuration area of the Communication
Settings form, fill in the interval of polling calls (in minutes, range: 10 to 600).
5. In the Host Administration/NEs select Modify NE from the Actions column. Press Next till you arrive at
the Applications form. Select FT, press Modify. Press Next till you arrive at the Passwords form. Enter
the file group password.
For EWSD Power Node and hiQ/E9200 (file transfer via FTP), the above procedure does not apply. The
settings have to be made according to the file access security used in EWSD Innovation commands
must be entered via Q3, e.g. NetManager, and not via MML console. These are the Q3 MML commands
you have to enter: CR FTINI (creation of file transfer initiator with password type at the authentication
function of the NE), CR FSINIGRP (creation of file security initiator group, password type), CR FSFGRP
(creation of file security file group and files), CR FSRULE (definition of a rule stating what the initiator
group is allowed to do with the files of the file group).
A30828-X9410-B082-35-7619
141/185

Issue 35
4.2 Setting up closed user groups (CUGs) for LEAs on EWSD and hiQ/E9200
switches
To prevent LEAs from being intentionally blocked by external calls and from being objects of observation,
you can set them up as closed user groups (CUG).
CUGs must be set up on NEs by an ISDN administrator. A CUG for a particular LEA must be set up on
the NE on which the ISDN connection of the LEA is administered.
Up to 15 CUGs can be predefined on each NE. Administration of CUGs for each LEA must be possible by
selecting one of the predefined CUGs in the Observation form of the LEA data wizard (LEA
Administration see 3.8.2).
To set up and administer CUGs proceed as follows:
Checking CUG properties in the LI options (NE administration task)
In EWSD version V13A and higher, and hiQ/E9200, it is possible to define up to 15 LI-specific CUGs on
an NE. Whether this feature can be used depends on the NE configuration. This configuration is defined
on each NE in the properties of the LI options. The value of these parameters can only be modified during
installation phase. The following CUG properties can be set in the LI options:
CUG_USAGE_ALLOWED:
If this property is set, the CUG functionality is allowed.
CUG_ADMIN_MAND:
If this property is set, the CUG functionality must be used (otherwise LI MML command CROBSGRP
will be rejected).
CUG_USAGE_VIA_INDEX:
If this property is set, the CUG functionality must be used with the index method.
To check the current values use the appropriate MML command.

Setting CUGs in the LI options (NE administration task)
If the CUG feature is activated (i.e. at least CUG_USAGE_ALLOWED is set in the LI options) and the
CUGs are administered on the NE, the CUGs must be set in the LI options (MODLIOPT command).
Registering LEA CUGs (LIOS administration task)
If the use of LI CUGs is allowed on an NE and there are LI CUGs administered on the NE, the same LI
CUGs should be registered in the LIOS system (to be done in the LEA Administration, CUG data form).
Assigning LEAs to CUGs (LIOS administration task)
Each LEA can be a member of only one CUG (this is a restriction of LIOS; generally a LEA can be
administered in more than one CUG).
Setting CUG indexing flag for an NE (LIOS administration task)
Depending on the value of the LI properties CUG_USAGE_ALLOWED, CUG_ADMIN_MAND and
CUG_USAGE_VIA_INDEX, the flag CUG indexing activated (provided in the Host Administration, NE
data forms) has to be set or not.
This information is sent to the NE with a CROBSGRP command.
Parameters concerning CUG administration:
CUGIND (CUG index),
CUGILC (CUG interlock code),
CUGDNIC (CUG data network ident. Code)
There are three parameters for specifying a CUG for a LEA within the MML commands for creating and
modifying observation groups:
142/185
A30828-X9410-B082-35-7619

Issue 35
CUGIND:
Specifying the CUG index by using the CUGIND parameter (CUGILC and CUGDNIC are not
used). The CUG index is related to the CUG data predefined in the LI options on the NE. If no
CUG data is administered in the LI options for this index, the command is rejected.
CUGILC and CUGDNIC:
Specifying the CUG interlock code and the CUG data network identification code by using
parameters CUGILC and CUGDNIC (CUGIND is not used).
If there is a CUG assigned to a LEA in the LEA Administration, this CUG is specified also in the MML
commands for creating and modifying observation groups: if the flag CUG indexing activated for a
specified NE is set, the CUGIND parameter is used, if the flag is not set, the parameters CUGILC and
CUGDNIC are used. If there is no CUG assigned to a LEA, the CUG parameters are not used in the MML
commands for creating and modifying observation groups.
If the LEA CUGs set up in the LIOS system do not correspond with the parameters and
properties set on the NE, the MML commands for creating and modifying observation groups
will be rejected by the NE.
4.3 Configuring LI NE alarm filtering (lios.properties file)

To fulfill (a possible) customer requirement to process only a special set of LI NE alarms (= LI-specific
alarms issued by the LI functionality of EWSD and hiQ/E9200) and also of LIM alarms, a filter for these
alarms can be specified in the LIOS system. LI NE alarms not contained in this set of alarms are ignored
and therefore the LIOS user is neither notified nor has he the possibility to get any information about
these alarm.
If LIOS is to receive LI NE alarms, an EFD must exist which forwards the alarms to LIOS. The EFD can
only contain the information to forward all LI NE alarms or to forward no LI NE alarm. It is not possible to
determine only a special set of LI alarms to be forwarded. Therefore LIOS uses an alarm filter and
processes only the alarms specified in the filter, but ignores all other alarms (but in any case, the receipt
of alarms is confirmed by LIOS through a message sent to the NE).
The filter can be specified in the lios.properties configuration file, which is located on the LIOS server.
Therefore a new property has been added to this file, called NeLiAlarmSetRestriction.
Each LI NE alarm type has a special number. The LI NE alarm types existing so far have alarm numbers
in the range from 0 to 13. Each LI NE alarm type is further specified by an alarm code (e.g. A-EIR-00001).
The last part of this alarm code contains the alarm type number (in the example above: 1). For a list of all
possible LI NE alarm types see 3.10. If a specific alarm type is to be processed by LIOS, you have to add
its number to the NeLiAlarmSetRestriction property value. If you wish to add another alarm type number,
you have to enter a & character first. If the NeLiAlarmSetRestriction property is not set (default), all NE
specific LI alarms are processed.
For the modifications to take effect, you have to stop and restart the LIOS services. How to do this, is
described in the example below.
Example:
To make LIOS process only the LI NE alarms of types 0 (A-EIR-00000, DN removed), 3 (A-EII-00003, DN
modification) and 8 (A-EID-00008, LI database lost), set the NeLiAlarmSetRestriction property as follows:
1. Login to the LIOS server.
2. Change to /opt/li/sw/<LIOS version>/config.
3. Open the lios.properties file.
4. Go to the NeLiAlarmSetRestriction property.
5. Modify the line so that it reads as follows:
NeLiAlarmSetRestriction = 0&3&8
A30828-X9410-B082-35-7619
143/185

Issue 35
6. Save the file and exit.

7. Enter the command: ./liservices restart
All LI processes running on the LIOS server are stopped and restarted.
If your LIOS system has two LIOS servers, restart the LI processes on the two of them.
To make LIOS process no LI NE alarms, modify the NeLiAlarmSetRestriction property as follows:
NeLiAlarmSetRestriction =
If the property is put under comment (i.e. line begins with #) or the line has been deleted, all LI NE
alarms are processed.
4.4 Configuring cyclic DB synchronization

The LIOS operator is supplied with two functions for synchronizing the LIOS database with the NE
database: DN synchronization and state synchronization.
DN synchronization covers modifications made to intercepted subscribers, state synchronization covers
the states in which observations are on the NE.
By default, this state synchronization is performed as a routine operation (Cyclic DB Synchronization)
every night, covering the NEs where the last state synchronization was performed more than 7 days ago.
The settings controlling this routine can be modified in the LIOS properties.
These are the default settings:
DBSyncJobComputer.
DBSyncJobComputer.
DBSyncJobComputer.
DBSyncJobComputer.
Hour2Execute = 22
Minute2Execute = 00
SyncLength = 5
TimeCriteria = 7
If you modify the settings for cyclic DB synchronization, you have to do so on each LIOS server.
4.5 Automatic DN synchronization following a Massive DN modification alarm

A massive DN modification made on an NE is likely to affect observations administered by LIOS. The LI
software on the NE automatically changes intercepted DNs accordingly. The NE sends a Massive DN
modification alarm and the LIOS operator responsible has to effect DN synchronization, which reads
intercepted DNs from the LI database of the NE and writes them to the LIOS database, so that the DNs
kept in both databases are identical again.
LIOS can be configured to automatically start a DN synchronization operation every time it receives a
Massive DN modification alarm.
To configure Automatic DN synchronization, edit the lios.properties configuration file:
Parameter
AlarmService.TargetSyncDelay <seconds>
AlarmService.TargetSyncAuto <0,1>
Meaning
Amount of time in seconds which must pass between the arrival of
an alarm and the start of the synchronization. Default: 900.
Indicates whether automatic DN synchronization should run after
arrival of an alarm at all.
0 Automatic DN synchronization is not used (default).
1 Automatic DN synchronization is used.
4.6 Upgrading the LIOS license

If the network provider (the owner of the LIOS license) wishes to expand the network (e.g. add NEs), an
upgrade of the LIOS license may become necessary. Once the license upgrade has been installed, the
new features are available without LIOS having to be newly set up.
Speaking in software terms, the LIOS license consists of the license key and the license file. License
key and license file have to be ordered from the manufacturer and installed. For the details of the
installation procedure refer to the LIOS Installation Manual.
144/185
A30828-X9410-B082-35-7619

Issue 35
4.7 Setting up a new EWSD or hiQ/E9200 NE in the LIOS system

As a preparation you have to discuss with the EWSD or hiQ/E9200 administrator which network (WAN,
ISDN), transport system (IP or X.25) and file transfer protocol (FTP or FTAM) should be used and you
have to exchange communication parameters (e.g. DTE or IP address and system title).
Steps to be taken by the EWSD or hiQ/E9200 administrator
8. Preparation of the LI functionality on the NE (LI patches, LI LTG, LI options, Q3 activated, ODAGEN, .
. .)
9. Preparation of the communication database on the NE.
10. Preparation of the hardware connection from the NE to the X.25, ISDN or IP network.
Steps to be taken by the LIOS administrator
11. If ISDN is used, configure a new WAN partner in the ISDN router (Bintec).
12. Open the LIOS Host Administration, NEs sub-application (see 3.4) and set up a new NE; enter the
connection parameters agreed upon with the EWSD or hiQ/E9200 administrator. We strongly
recommend that you should copy the data of an NE already set up (select Copy NE ) and modify
only the values that are different.
13. In the LIOS Host Administration, NEs sub-application, select Activate NEs. Activate the new NE.
14. Open the MML console, connect to the NE and set the LI passwords on the NE: enter the passwords
as parameters of the MODOBSID command.
15. Open the EFD Administration and create an EFD. (In case of inband create an EFD only for NE
alarms.)
16. From the MML console adapt the LI options of the NE with the MODLIOPT command.
Example: MODLIOPT:FBQ3AL=Y,FBQ3ALN=0.2.262.1.1.3001.10;
In this case 0.2.262.1.1.3001.10 is the application process title of the LID application on one of the
LIOS servers (it does not matter on which one).
4.8 Handling an EWSD / hiQ/E9200 upgrade

When an EWSD or hiQ/E9200 NE which can be accessed by LIOS is upgraded, a LIOS administrator
and a LIOS operator (with Observation Manager rights) have to cooperate with the EWSD / hiQ/E9200
administrator.
Steps to be taken
17. In the LIOS system: A LIOS operator (with Observation Manager rights) suspends all observations on
the NE (Observation Manager/Suspend NE).
Do NOT deactivate the NE!
Do not re-enter EFDs! EFDs of the old EWSD version are automatically regenerated during EWSD /
hiQ/E9200 upgrade.
18. On the NE: The NE administrator upgrades the EWSD / hiQ/E9200 software.
19. In the LIOS system: The LIOS administrator changes the EWSD / hiQ/E9200 version (Host
Administration NEs/NE data wizard see 3.4.6).
20. In the LIOS system: The LIOS administrator enters the LI NE passwords from the MML console with
the MODOBSID command.
21. In the LIOS system: The LIOS administrator also enters the LI NE passwords from the Host
Administration, NEs sub-application.
22. In the LIOS system: The same LIOS operator who has invoked Suspend NE now resumes all
observations on the NE (Observation Manager/Resume NE).
If the EWSD / hiQ/E9200 NE has been upgraded and, for some reason, LIOS has not been adjusted, the
LI database of the NE will be lost. An LI database lost alarm (alarm code A-EID-00008) is generated
A30828-X9410-B082-35-7619
145/185

Issue 35
(only if before upgrading, the NE had version EWSD V12 or higher or hiQ/E9200 depends also on the
LI property settings).
Proceed as follows: (1) Enter the new NE version (LIOS Host Administration, NE data wizard see
3.4.6). (2) Ask a LIOS operator with Observation Manager rights to perform Align DB. This will
automatically restore LI passwords and observations on the NE.
4.9 Setting ETSI properties for NE ID (X.25 and E.164)

The ETSI standard on Lawful Interception (ETSI ES 201 671) also regulates in which format data has to
be contained in LI tickets. If the owner of the LIOS system you are working with has purchased an ETSI
license, you have to fill in the fields in the NE ID section of the ETSI form of the NE data wizard (Host
Administration: NEs see 3.4.6).
The LIOS properties in the following control input and conversion of NE IDs for the X.25 and the E.164
formats.
Parameter
HostAdmin.ETSI_HexaX25
0
1
HostAdmin.ETSI_HexaE164
0
1
TicketRouter.ETSI_AddHeaderToX25
0
1
TicketRouter.ETSI_AddHeaderToE164
0
1
Meaning
Regulates which characters can be entered in the ETSI form of the
NE data wizard to specify NE IDs in the X.25 format.
Decimal numbers accepted (default).
Hexadecimal numbers accepted.
Regulates which characters can be entered in the ETSI form of the
NE data wizard to specify NE IDs in the E.164 format.
Decimal numbers accepted (default).
Hexadecimal numbers accepted.
Regulates whether NE IDs entered in the X.25 format will be
coded according to Q.763 (i.e. whether a 2-byte header will be
added).
NE ID strings will be used in LI tickets as they have been entered
no header will be added.
NE IDs will be coded according to Q.763 a header will be added
(default).
Regulates whether NE IDs entered in the E.164 format will be
coded according to Q.763 (i.e. whether a 2-byte header will be
added).
NE ID strings will be used in LI tickets as they have been entered
no header will be added.
NE IDs will be coded according to Q.763 a header will be added
(default).
Usually the LIOS administrator will enter the X.25 or E.164 address and will leave the 2-byte header
according to ETSI to be added by the LIOS system. This is reflected in the default property settings
(decimal numbers and automatic addition of header). However, a LIOS administrator may wish to enter
headers manually, which necessitates the input of hexadecimal characters. He will enter the header in the
Address field and then the X.25 or E.164 address. The property settings for this situation are:
hexadecimal characters and no automatic addition of header. This means, if add header is ON,
hexadecimal should be OFF and vice versa.
Decimal
Hexadecimal
Add header automatically
YES
NO
Do not add header automatically
NO
YES
4.10 Configuring maximum number of NE connections for EFD Administration

For working with the EFD Administration see 3.15.
In the course of EFD Administration operation, the EFD server establishes connections to several NEs.
The maximum number of simultaneous connections can be configured. Once the maximum number is
reached, LIOS will establish a new connection only when another one has been closed.
146/185
A30828-X9410-B082-35-7619

Issue 35
To configure the maximum number of simultaneous NE connections, edit the lios.properties

configuration file, EFDServer property (how to access the lios.properties configuration file is described
in Section 4.3).
# EFDServer
######################
# the following attribute is used for limitation the number of maximum
# connections in RequestManagement
# hardcoded default-value is 5
EFDServer.maxConnections = 8
4.11 Setting active/passive FTP to LEAs and MCs (LIOS.properties file)

LIOS can use the FTP protocol (parallel to the FTAM protocol) to perform some file transfer operations:
to NEs (ticket buffer)
to LEAs (ticket transfer)
Monitoring Centers (MC events transfer)
For FTP to LEAs and MCs it is also possible to use the passive mode.
The following solution has been implemented:
The communication to NEs is always done through the active FTP mode.
The communication to LEAs and MCs is done by default through the passive FTP mode. To change it
to the active FTP mode, you have to edit the lios.properties file.
passive FTP (default):
FTP.ConnectModeActive = 0
active FTP:
FTP.ConnectModeActive = 1
These settings are generally valid, i.e. for the communication to all LEAs and MCs.
4.12 Switching parallel ticket sending on and off (LIOS.properties file)

To enhance system performance, tickets are normally sent to LEAs from both LIOS servers in parallel.
This means that LEAs receive tickets from two sources, which is also shown in ticket names. If this is not
desired, parallel sending can be switched off. This means that for ticket sending to a LEA, only one
connection is established. Nevertheless, tickets can be sent one time from one LS, the other time from
the other LS, but only from one LS at a time.
To switch parallel ticket sending off or on, edit the lios.properties configuration file (how to access the
lios.properties configuration file is described in Section 4.3).
Parallel ticket sending is ON:
TicketRouter.parallelSending = 1
Parallel ticket sending is OFF:
TicketRouter.parallelSending = 0
The settings affect ticket sending to all LEAs that are connected with the LIOS system.
4.13 Switching support of LI management (HI1) notifications on and off

(LIOS.properties file)
Only for EWSD V13A and higher, and for hiQ/E9200.
LI management notifications (also called HI1 notifications) notify the LEA about events like observation
activation, deactivation and modification. It can also provide information about alarms.
At present LIOS provides only notifications about observation activation and deactivation. Tickets must
have originated from EWSD V13A and higher, or from hiQ/E9200, and must have the format ETSI V2.1
(with ETSI National D format it does not work because the HI1 data is part of the national parameters).
HI1 notifications are sent through the HI2 mechanism just like normal tickets. From the file name the LEA
can identify if it is an HI1 or an HI2 notification.
A30828-X9410-B082-35-7619
147/185

Issue 35
To switch the support of LI management (HI1) notifications off or on, edit the lios.properties configuration
file (how to access the lios.properties configuration file is described in Section 4.3).
HI1 support is ON:
TicketRouter.ETSI_HI1 = 1
HI1 support is OFF:
TicketRouter.ETSI_HI1 = 0
4.14 NTP Configuration for LIOS

NTP (Network Time Protocol) requires two types of machines to configure: NTP server and NTP client.
The NTP server can be a stand-alone system (some computer outside of LIOS) or a LIOS server. NTP
clients are all other LIOS servers existing in the network. If the NTP server is a stand-alone system, it is
needed to know or administer some configuration data for NTP on this machine (this machine must be in
time-packets broadcasting mode).
Generally there are three most common possibilities how to perform time synchronization in LIOS:
NTP is not used: Rely on the LIOS-proprietary time synchronization as it was prior to LIOS 7.4.
NTP is used:
The NTP server is some computer outside of LIOS. Both LIOS servers are configured as NTP
clients. The LIOS-proprietary time synchronization must be turned off (see the Section 4.15) or
One of LIOS servers will act as NTP server and other as NTP client. The LIOS-proprietary time
synchronization must be turned off.
If NTP is going to be used, please refer to the next section for information how to configure NTP server
and client. It is enough to create some configuration files and place them into the respective directory.
These files will be automatically read by Solaris after reboot.
4.14.1 Multicast/Broadcast synchronization (automatic)
Multicast/Broadcast synchronization can be used when broadcasting (multicasting) over the network is
possible.
Step-by-step configuration:
23. NTP server configuration
Create or copy and modify the file /etc/inet/ntp.keys
Insert the authentication key into the file in the format <key> <type> <password>
(the key identifies a line in the file and consists of <key> <type> <password>, this key id (and
password) is checked by an NTP client when receiving a broadcasted time packet from the
server)
key key ID, numeric value, e.g. 1
type one of S (64bit DES), N (64bit NTP number), A (1-8 characters ASCII), M (1-8 characters
MD5)
password any password
e.g. 1 M mypass
Copy/modify file /etc/inet/ntp.conf
At least one line with the command server <address> has to exist to identify the address of the
time source
e.g. server 127.127.1.0 for local computer clock source (clock can also be on any other server)
A line with the command broadcast <address> key <key#> ttl <ttl#> has to exist, with proper
values set (see above creation of key)
address multicast or broadcast address
key# key ID to sign packets
ttl# number of maximum network hops from NTP server to client
e.g. broadcast 224.0.1.1 key 1 ttl 10
A line with the command keys /etc/inet/ntp.keys has to exist
148/185
A30828-X9410-B082-35-7619

Issue 35
Restart server. (or simply start /usr/lib/inet/xntpd)

remark: start /usr/lib/inet/xntpd d >/tmp/xntpd.log 2>&1 & for logging output into file /tmp/xntpd.log
24. NTP client configuration
Create or copy and modify the file etc/inet/ntp.keys with exact key line as configured on the NTP
server (see above). Only the key which is used in the broadcast command in the ntp.conf file on
the server, is needed.
Copy/modify file /etc/inet/ntp.conf
Line with command multicastclient <address> has to exist

address same address as configured on the NTP server in broadcast command. Also
command broadcastclient can be entered instead of multicastclient <address>.
A line with the command enable auth bclient has to exist.
A line with the command keys /etc/inet/ntp.keys has to exist.
A line with the command trustedKey <key#> has to exist

key# key ID which is entered in ntp.keys file on client and server.
Restart server. (or simply start /usr/lib/inet/xntpd).

remark: start /usr/lib/inet/xntpd d >/tmp/xntpd.log 2>&1 & for logging output into file /tmp/xntpd.log
In a closed network, where only LIOS servers exist and where there is no danger of an attack with false
time packets, it is also possible not to create a file ntp.keys (on both server and client) and not to fill in
any information about authorization keys (commands broadcast and trustedKey).
4.14.2 Configuration check
4.14.2.1
NTP server
Run ntpq utility.
The associations command displays information about active associations of NTP

(If association table is empty or state condition is faulty NTP does not work correctly).
Example:
ntpq>associations
ind assID status conf reach auth condition last_event cnt
===========================================================
1 46388 9614
yes
yes none sys.peer
reachable 1
2 46389 c000
yes
no
The pstatus <assID> command displays information about associations.
Example:
ntpq> pstatus 46388

status=9614 reach, conf, sel_sys.peer, 1 event, event_reach
srcadr=LOCAL(0), srcport=123, dstadr=127.0.0.1, dstport=123, keyid=0,
stratum=3, precision=-14, rootdelay=0.00, rootdispersion=0.00,
refid=LOCAL(0),
reftime=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625,
delay=
0.00, offset=
0.00, dispersion=10.06, reach=377, valid=8,
hmode=3, pmode=4, hpoll=6, ppoll=6, leap=00, flash=0x0<OK>,
org=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625,
rec=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625,
xmt=c30b0296.a01f1000 Thu, Sep 11 2003 16:17:58.625,
filtdelay=
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00,
A30828-X9410-B082-35-7619
149/185

Issue 35
filtoffset=
filterror=
4.14.2.2
0.00
10.06
0.00
11.03
0.00
12.01
0.00
12.99
0.00
13.96
0.00
14.94
0.00
15.91
0.00,
16.89
NTP client
Run ntpq utility
The associations command displays information about associations of NTP.
Example:
ntpq> assoc
ind assID status conf reach auth condition last_event cnt
===========================================================
1 36407 7600
no
yes
ok
sys.peer
The pstatus <assID> command displays information about associations.
Example:
ntpq> pstatus 36407

status=7600 reach, auth, sel_sys.peer, no events
srcadr=gfts7, srcport=123, dstadr=224.0.1.1, dstport=123, keyid=1,
stratum=4, precision=-14, rootdelay=0.00, rootdispersion=10.12,
refid=LOCAL(0),
reftime=c30b0316.9ff21000 Thu, Sep 11 2003 16:20:06.624,
delay=
0.73, offset=
-1.10, dispersion=1.22, reach=377, valid=8,
hmode=8, pmode=5, hpoll=6, ppoll=6, leap=00, flash=0x0<OK>,
org=c30b0317.9ff40000 Thu, Sep 11 2003 16:20:07.624,
rec=c30b0317.93342000 Thu, Sep 11 2003 16:20:07.575,
xmt=c30af437.03c41000 Thu, Sep 11 2003 15:16:39.014,
filtdelay=
0.73
0.73
0.73
0.73
0.73
0.73
0.73
0.73,
filtoffset= -1.11
-1.19
-1.37
-1.22
-1.25
-1.25
-1.25
-1.31,
filterror=
1.10
2.08
3.05
4.03
5.00
5.98
6.96
7.93
4.14.3 Listing of NTP configuration files for LIOS

>cat ntp.keys
1 M password
>cat ntp_server.conf
# @(#)ntp_server.conf LIOS broadcast server configuration
#
# Place to /etc/inet/ntp.conf
#
# An example file that could be copied over to /etc/inet/ntp.conf and
# edited; it provides a configuration template for a server that
# listens to an external hardware clock, synchronizes the local clock,
# and announces itself on the NTP multicast net.
#
#
#
#
#
#
#
#
#
#
#
This is the external clock device.

recognized by xntpd 3-5.93e:
The following devices are
XType Device
RefID
Description
------------------------------------------------------1
local
LCL
Undisciplined Local Clock
2
trak
GPS
TRAK 8820 GPS Receiver
3
pst
WWV
PSTI/Traconex WWV/WWVH Receiver
4
wwvb
WWVB
Spectracom WWVB Receiver
5
true
TRUE
TrueTime GPS/GOES Receivers
150/185
A30828-X9410-B082-35-7619

Issue 35
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
6
7
8
9
10
11
12
13
15
17
18
19
20
22
23
24
25
26
27
irig
chu
parse
mx4200
as2201
arbiter
tpro
leitch
*
datum
acts
heath
nmea
atom
ptb
usno
*
hpgps
arc
IRIG
CHU
---GPS
GPS
GPS
IRIG
ATOM
*
DATM
ACTS
WWV
GPS
PPS
TPTB
USNO
*
GPS
MSFa
IRIG Audio Decoder

Scratchbuilt CHU Receiver
Generic Reference Clock Driver
Magnavox MX4200 GPS Receiver
Austron 2201A GPS Receiver
Arbiter 1088A/B GPS Receiver
KSI/Odetics TPRO/S IRIG Interface
Leitch CSD 5300 Master Clock Controller
TrueTime GPS/TM-TMD Receiver
Datum Precision Time System
NIST Automated Computer Time Service
Heath WWV/WWVH Receiver
Generic NMEA GPS Receiver
PPS Clock Discipline
PTB Automated Computer Time Service
USNO Modem Time Service
TrueTime generic receivers
Hewlett Packard 58503A GPS Receiver
Arcron MSF Receiver
* All TrueTime receivers are now supported by one driver, type 5.

Types 15 and 25 will be retained only for a limited time and may
be reassigned in future.
Some of the devices benefit from "fudge" factors.
documentation.
See the xntpd
# Either a peer or server. Replace "XType" with a value from the

# table above. Address format: 127.127.XType.0
# At least one server is required. More servers is optimum.
# This means that device (hardware clock or any other server) at <address> is
source of valid time for this server.
server 127.127.1.0 prefer
# Send time packets automatically
# multicast server with key=1 and ttl=100
broadcast 224.0.1.1 key 1 ttl 100
# Specify keys file for authentication
keys /etc/inet/ntp.keys
>cat ntp_client.conf
# @(#)ntp_client.conf LIOS broadcast client configuration
#
# Place to /etc/inet/ntp.conf
#
# LIOS NTP multicast client configuration file
#
# Choose a configuration which matches the NTP server settings
# Possible configuration:
#
multicastclient
#
broadcastclient
# Specify that client listen to broadcasted time packets
#
# command: multicastclient <address>
# set the NTP client to multicast client
# the address for multicast client can be modified, to meet actual settings.
Must be same as multicast address on NTP server
multicastclient 224.0.1.1
A30828-X9410-B082-35-7619
151/185

Issue 35
# command: broadcastclient
# set the NTP client to broadcast client
#broadcastclient
# Specify that authentication and broadcast listening are enabled
enable auth bclient
# Specify keys file
keys /etc/inet/ntp.keys
#Selected valid key, from which are time-packets accepted by this client
trustedkey 1
4.15 Turning off the LIOS-proprietary time synchronization

Turning off java services
If NTP is used, the LIOS-proprietary time synchronization mechanism should be turned off. This can be
done by setting datagram port for the LIOS-proprietary time server and time client to 0. In
lios.properties set:
TsyncThread. TsyncOff = 1
Turning off native services
In lios.cfg there is time synchronization section:
[TimeSynchronization]
GFTS1 -t /cua31
-s /dev/cua/a
The first parameter (e.g. GFTS1) is the name of the host where the timesync process (trying to set
system time according to radio device time) will be started by lirecovery script. We do not want this
process to be started. Therefore specify as time sync server any host name except LIOS servers. For
example if LIOS servers are TS1 and TS2 specify value TS3:
[TimeSynchronization]
TS3
-t /cua31
-s /dev/cua/a
4.16 Changing export format (field delimiter) in the LIOS.properties file

The format for LIOS data export is CSV (comma-separated values) format, this means, commas are used
as separators (field delimiters). Also TXT format with tab stops as separators is supported.
To change export format and field delimiter, edit the lios.properties configuration file.
ExportFormat = TXT
Text format; field delimiters: tab stops
ExportFormat = CSV
Field delimiters: commas; The CSV format can be modified in

the following ExportFormat properties:
ExportFormat.extension = csv
File name extension automatically added
ExportFormat.delimiter = ,
Field delimiter (separator). Default is comma (,).
ExportFormat.surround = "
Character automatically inserted before and after each field.
For the modifications to take effect, you have to stop and restart the LIOS services (see 4.3).
4.17 Ticket time stamp conversion according to the time zone of the NE
The tickets generated by NEs of Type EWSD and hiQ/E9200 contain always GMT time and not the local
time where the NE is located. This could be a problem if the NEs connected to LIOS are located in
152/185
A30828-X9410-B082-35-7619

Issue 35
different time zones. To avoid this the time stamp can be converted in LIOS to the correct time based on
the time zone the NE is located. To activate this feature set the following LIOS property:
TicketRouter.TimeZone = 1
Additionally for each NE concerned the correct time zone has to be set in LIOS Host administration ->
NEs -> General by the LIOS Administrator.
E.g.: NE provides ticket with GMT time: 2006/12/18 11:06:28
1. example:
NE is located in time zone 'Europe/Istanbul': GMT+2 (= +2 hours)
LIOS converts the time stamp to GMT+2:
2006/12/18 13:06:28
2. example:
NE is located in time zone 'Australia/Sydney': GMT+10 + 1 hour DST (= +11 hours)
LIOS converts the time stamp to GMT+11:
2006/12/18 22:06:28
A30828-X9410-B082-35-7619
153/185

Issue 35
System configuration
Root permission on the LIOS servers is needed for performing the system configuration tasks described
in this chapter. All tasks described here should not be carried out during normal operation.
For more detailed information and troubleshooting advice see the LIOS Troubleshooting
Guide.
5.1 Symmanager
5.1.1
Overview
Symmanager is an administration tool for configuring X.25 cards. It enables you to do the following:
Specifying X.25 parameters, e.g.:
X.25 timer
X.25 channel number space (outgoing, incoming, both-way)
Repetition counter setting
Default packet size and default window size setting
Specifying HDLC parameters, e.g.:
DTE or DCE functions
Maximum HDLC window size
Maximum HDLC frame length
Specifying the card configuration, e.g.:
Size of internal buffer (DTSX INTERNAL BUFFER SIZE)
Number of internal buffers (MAXIMUM BUFFERS/VC TRIGGER)
Switching external clock on and off
Usually the default values are sufficient. It may be necessary to adapt the channel number space or size
and number of internal buffers (see 5.1.2).
To start Symmanager, log in as root and type symmanager. For further information see [5].
5.1.2
Specifying size and number of internal buffers of the X.25 card
The values to be specified for the size (DTSX INTERNAL BUFFER SIZE) and number (MAXIMUM
BUFFERS/VC TRIGGER) of internal buffers depend on the X.25 packet size used.
When setting the two parameters, observe the following rules:
DTSX INTERNAL BUFFER SIZE = maximum X.25 packet size used
The value range for this parameter is between 256 and 1024.
MAXIMUM BUFFERS/VC TRIGGER = max TPDU/(min. X.25 packet size) +1;
The value range for this parameter is between 1 and 33.
The maximum TPDU size accepted by LIOS is 2048.
The following examples show how optimum or necessary values for the two parameters above are
defined with respect to the X.25 packet size used.
154/185
A30828-X9410-B082-35-7619

Issue 35
Example 1:
Only the X.25 packet size 1024 is used:
DTSX INTERNAL BUFFER SIZE = 1024
Because the maximum X.25 packet size of 1024 lies within the permissible range of values, the value can
be used.
MAXIMUM BUFFERS/VC TRIGGER = 3
The maximum TPDU size accepted by LIOS is 2048 and the minimum X.25 packet size is 1024.
Example 2:
Only the X.25 packet size 128 is used:
DTSX INTERNAL BUFFER SIZE = 256
Because the maximum X.25 packet size of 128 lies below the permissible range of values, the lower limit
of the range of values(256) is used.
MAXIMUM BUFFERS/VC TRIGGER = 17
The formula yields the value 17 if the LIOS TPDU size of 2048 is used.
5.2 Symmonitor
Root permission on the LIOS servers is needed for performing the operations described in this section.
Symmonitor enables you to localize problems in the transport system (X.25) located between LIOS and
the NEs. With Symmonitor you can view the X.25 communication on the OSI layers 1 to 3.
Proceed as follows:
1. Login as root on the LIOS server which has problems with the X.25 communication.
2. Enter symmon. A self-explaining window is displayed which enables you to trace the X.25
communication over the Symicron card. For details see [5]. Make sure you have selected the correct
port to be traced.
5.3 FTAM configuration

The FTAM configuration does not apply to the LIOS Admin mode.
With LIOS of version 3 and higher, FTAM (File Transfer Access and Management) is used for the
following tasks:
Transfer of event tickets to the LEA
Transfer of event tickets from NE, when delivery of event tickets via Q3 is not possible.
FTAM to the LEA is handled via native X.25.

Depending on the hardware configuration of LIOS, FTAM to NE is handled either via native X.25 network
or via X.25/ISDN, if the network element is connected to LIOS via ISDN. In this case the FTAM data is
transferred via LAN to the ISDN router (X.25 via LAN LLC2) and from there via ISDN to the network
element.
Therefore additional administration of the X.25 software is necessary (see 5.3.3).
Root permission on the LIOS servers is needed for performing the operations described in this section.
5.3.1
Administering FTAM file transfer
FTAM must be installed and configured on every LIOS server.

Before the configuration of the FTAM file transfer can be started, the following prerequisites must be
fulfilled:
The HSI card must be installed in every LIOS server.
The driver software for the HSI card must be installed.
A30828-X9410-B082-35-7619
155/185

Issue 35
The standard software products HSI software, Solstice X.25, Solstice OSI and Solstice FTAM must
be installed.
Configuring FTAM file transfer consists of the following tasks:

1. Collecting X.25 configuration data (see 5.3.2).
2. Configuring every LIOS server for FTAM transfer:
Configuring Solstice X.25 software (see 5.3.3). The Solstice X.25 software provides X.25 for the
data link layer and network layer (layers 2 and 3) of the OSI reference model.
Configuring Solstice OSI software (see 5.3.4). The Solstice OSI software provides the transport
layer, session layer, presentation layer and part of the application layer (layers 4 to 7) of the OSI
reference model.
Configuring Solstice FTAM software (see 5.3.5). The Solstice FTAM software provides an FTAM
implementation for the application layer (layer 7) of the OSI reference model. This FTAM
implementation satisfies the ISO (International Systems Organization) requirements for an FTAM
application.
5.3.2
Collecting X.25 configuration data
Before starting FTAM file transfer administration, the necessary X.25 configuration data for the local X.25
Link listed in Table 5-1 should be collected.
Configuration parameter Explanation
local NSAP address
local DTE address
Logical channel numbers
(start/end point)
Request Size Negotiation
Default and maximum X.25

Packet size
Default and maximum

Window size
local NSAP address of LIOS as configured in every EWSD database.

local DTE address of the HSI card.
Defines the range of logical channel used in layer 3 of the OSI reference model. The
start and end points must be the same for the local LIOS and the network provider.
Negotiate packet size and window size = yes/no
This parameter permits both partners to negotiate an optimum packet size. This option
must be activated or deactivated for both partners.
The default X.25 packet size is used if the packet size is not negotiated. The default
packet size must be the same for LIOS and the network provider. The maximum Packet
size is used for packed size negotiation between LIOS and LEA, if Size Negotiation is
enabled.
Number of layer 3 packets after which an acknowledgment must be sent. The Default
Window size must be the same for LIOS and the network provider. The maximum
Window size is used for window size negotiation between LIOS and LEA, if Size
Negotiation is enabled.
Table 5-1: Configuring Solstice X.25 software: X.25 Link

For FTAM file transfer to network elements connected via X.25/ISDN the necessary configuration data of
the local LLC2 Link listed in Table 5-2 should be collected:
Configuration parameter Explanation
Logical channel numbers
(start/end point)
Request Size Negotiation
MAC address of the ISDN

Router
MAC address of the LIOS

server
Defines the range of logical channel used in layer 3 of the OSI reference model. The
start and end points must be the same for the local LLC Link and the corresponding
port of the ISDN router.
Negotiate packet size and window size = yes/no
This parameter permits both partners to negotiate an optimum packet size and window
size. This option must be activated or deactivated for both partners: LIOS and network
elements.
MAC address of the TCP/IP port of the ISDN Router. This MAC address can be
determined by the following commands:
1. ping to the IP address of the ISDN router
2. Reading of the ARP cache of the LIOS server by arp a'
MAC address of the TCP/IP port of the LIOS server. This address can be determined
with the following command: ifconfig hme0.
Table 5-2: Configuring Solstice X.25 software: LLC2 Link
156/185
A30828-X9410-B082-35-7619

Issue 35
5.3.3
Configuring Solstice X.25 software
The configuration of the Solstice X.25 software is divided into two sections, the administration of the X.25
Link and of the LLC2 Link.
For configuring the Solstice X.25 software, log in to the LIOS server under the root user ID.
1. Start of the Solstice X.25 configuration program: enter the following command:
/opt/SUNWconn/bin/x25tool
The X.25 Administration Tool main window is displayed:
Figure 5-1: X.25 Administration Tool of the Solstice X.25 software Main window
2. Deletion of all existing default entries:

All preinstalled links are not suitable for the required X.25 functionality. Select all preinstalled links and
then delete them by press the Delete button. Afterwards no link is displayed in the main window.
5.3.3.1 Configuration of the X.25 link
1. Generation of a new X.25 link:
To create a new link, press the Add button in the main window and select dte84. The Link Editor window
is displayed. It is divided into 3 parts according to the OSI layers defined:
Layer 1: Physical Layer
Layer 2: HDLC
Layer 3: X.25 Packet Layer
For all these layers the proper configuration values are to be administered:
A30828-X9410-B082-35-7619
157/185

Issue 35
Figure 5-2: Solstice X.25 software X.25 Link Link Editor window
In the Link Editor window enter the following parameters:
Link Number
<link number>
Unique number for identifying the X.25 link.
Link Type
WAN
Device
HSIP
Port Number
<number of used port of X.25 card (1-4)>
The HSI card connects the LIOS server to the X.25 network via this port.
Tx Clock:
External. The Clock is usually generated by the connected modem.
Interface
DTE
LAP Protocol
LAPB
Local X.121 Address <DTE address of HSI port>
Version
1984
Packet Size
Here the collected values for the X.25 Packet Size (default and maximum) are to be
entered.
Logical Channel
The collected values for SVC-Channel Range are to be entered. These values must
Range
correspond to the X.25 link of the network provider.
Confirm the settings with Apply and OK.
2. Administration of the local NSAP Address:

To administer the local NSAP Address, select Addressing. The Addressing Parameters window is
displayed.
158/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-3: Solstice X.25 software Addressing Parameters window

Enter the following values:
Extended Address
Extension
OSI
Local NSAP Address
3. Closed User Group and Size Negotiation:

To administer Basic Closed User Group Handling and Size Negotiation, select the CUG and Facilities
button. The Closed User Group and Facilities window is displayed:
Figure 5-4: Solstice X.25 software Closed User Group and Facilities window
A30828-X9410-B082-35-7619
159/185

Issue 35
Closed User Group (CUG) is an optional X.25 feature. It should only be selected, you want to use it for
your FTAM connection to the Partner System.
For LIOS select the following settings:
Closed User Group
CUG, no other access. Only FTAM to members of the

given Closed User Group is possible. Select this box only
if CUG is used!
CUG Format
Basic
Size Negotiation
Select one of the offered settings, depending on the

configuration.
6. Throughput Class and Window Size:

To Administer the X.25 Window Size, select the Throughput button. The Throughput Class and Window
Size window is opened:
Figure 5-5: Solstice X.25 software Throughput Class and Window Size window
Enter the collected values for X.25 Window Size.
4. Administration of Timers and Counters:

To administer the X.25 Timers and Counters, select the Timers and Counters button. The
Timers and Counters window is opened.
160/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-6: Solstice X.25 software Timers and Counters window

The Timers and Counters are to be administered in such a way that the X.25 Communication between
LIOS and LEA works well.
Normally no changes of the default values are necessary.
If the OSI Layer 2 (HDLC) between LIOS and the corresponding X.25 Link of the network provider shall
always be active, the timer Idle Disconnect (LAN or Dialup) is to be set to 0.
5.3.3.2 Configuration of the LLC2 link
The configuration of the LLC2 Link is only necessary when the network element (e.g. EWSD) is
connected to LIOS via X.25/ISDN.
1. Generation of a new X.25 link:

For creating a new link, press the Add button in the main window and select LAN. The Link Editor
window is displayed. It is divided into 3 parts according to the OSI layers defined:
Layer 1: Physical Layer
Layer 2: HDLC
Layer 3: X.25 Packet Layer
For all these layers, you have to administer the proper configuration values:
A30828-X9410-B082-35-7619
161/185

Issue 35
Figure 5-7: Solstice X.25 software: LLC2 Link Link Editor window
In the Link Editor window, enter the following parameters:
Link Number
<link number>
Unambiguous number for identifying the LLC2 link. It will be used for the X.25
routing table later in this section.
Link Type
LAN
Device
HME
Port Number
0
Interface
DTE
LAP Protocol
LAPB
Local X.121 Address This entry must not be changed! Otherwise the LLC2 Link will not work!
Version
1984
Packet Size
Enter the collected values for the X.25 Packet Size (default and maximum) here.
Logical Channel
Enter the collected values for SVC-Channel Range. These values must correspond
Range
to the LLC2 Link of the ISDN router.
LLC2 and Addressing must not be changed for the requested configuration.
2. Closed User Group and Size Negotiation:

Basic Closed User Group Handling and Size Negotiation are to be administered by selecting the CUG
and Facilities button. The Closed User Group and Facilities window will be opened:
162/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-8: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window
Closed User Group (CUG) is an optional X.25 feature. It must not be selected for the LLC2 Link.
For the LLC2 Link, select the following settings:
Size Negotiation
Select one of the offered settings depending on the

configuration.
3. Link Modes:
To administer Link Modes parameters for the LLC2 link, select the Link Modes button. The Link Mode
Parameters for link #1 window is opened:
A30828-X9410-B082-35-7619
163/185

Issue 35
Figure 5-9: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window
For configuring the LLC2 Link, select the following parameters:
Keep X.121 address in Call Request to LAN
YES.
4. Throughput Class and Window Size

To administer X.25 Window Size, select the Throughput button. The Throughput Class and Window Size
window is opened:
164/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-10: Solstice X.25 software Throughput Class and Window Size window
Enter the collected Values for X.25 Window Size.
5.3.3.3 Administration of the X.25 routing table
This task must only be executed, when the network element is connected to LIOS via X.25/ISDN. In this
case the X.25 software has to decide whether an X.25 connection has to be established via the X.25 Link
or via the LLC2 Link depending on the called DTE address. Therefore a routing table is necessary.
In the main window of x25tool choose Services -> Routing to get the routing table.
1. Administration of the Default Route

After selection of the routing service a window like the following will appear:
A30828-X9410-B082-35-7619
165/185

Issue 35
Figure 5-11: X.25 Routing Table Definition of the default route.

The default route should be configured for the X.25 link. That means that every connection to the LEA will
be handled via X.25 without any further configuration. Press the Add button and enter the following
parameters:
Route Type
X.121 default
Link Number
<Number of the X.25 link>
Comment:
Any comment describing the default entry.
2. Administration of the host routes to NE

When an NE is connected to LIOS via ISDN/X.25, LI tickets from the NE will be fetched via the LLC2 link.
Because the default route for FTAM connections is defined via X.25 link, for every NE one routing table
entry has to be configured as follows:
166/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-12: X.25 Routing Table Definition of host routes

Press the Add button followed by the Top button. Because the routing table is read from beginning to end,
it is important, that all host route entries are configured before the default route entry.
Enter the following parameters:
Route Type
X.121 host
Link Number
<Number of the LLC2 link>
X.121 Address
DTE address of the NE
MAC Address
MAC Address of the corresponding ISDN Router
Comment:
Any comment describing the host route to the given NE.
The configuration of a host route must be repeated for every connected NE!
5.3.3.4 Activation of the X.25 configuration
After configuring the necessary X.25 links (X.25 and LLC2 if necessary), activate the configuration:
1. Enabling automatic start of the X.25 network software:

In the main window, select the Options menu and the Start X.25 automatically when booted menu item.
2. Start of X.25 network software:

In the main window, select the Network menu and the Start X25 menu item.
A30828-X9410-B082-35-7619
167/185

Issue 35
Messages like the following are written into the output area of the window:
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
11:18:21>
11:18:21>
11:18:22>
11:18:22>
11:18:22>
11:18:22>
11:18:22>
11:18:32>
Starting the X.25 software - please wait

X.25 : Creating link 0...
X.25 : link 0 has been started
X.25 has found a valid license
The network has been brought up.
--> X.25 output has been saved in /tmp/x25_output.
This was the last task of the X.25 Configuration. Now you can stop the X.25 Configuration program.
5.3.4
Configuring the Solstice OSI software
To configure the Solstice OSI software, carry out the following steps:
1. Login to the LIOS server with root user ID.
2. Check whether the osinetd process is running. If not, start it:
/etc/rc2.d/S90osinetd start
The Solstice OSI software you can configure as follows:
1. Start of the Solstice OSI Configuration program:

/opt/SUNWconn/bin/ositool
The OSI Administration Tool main window is opened:
Figure 5-13: OSI Administration Tool main window (Solstice OSI software)
2. Stack configuration:
To configure the local OSI stack, select the Stack Manager icon.
The Stack Manager window is opened:
168/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-14: Window Stack Manager of Solstice OSI software
3. Device configuration:
Select Devices from the Configuration pull-down list.
The Device Configuration window is opened:
Figure 5-15: Window Device Configuration of Solstice OSI software

From the Add pull-down list select X.25 Device.
A30828-X9410-B082-35-7619
169/185

Issue 35
For the required parameters, enter the following values:

Link Number
Number of the X.25 link specified in X.25 configuration.
Connection Pool
Maximum Number of simultaneously active

connections.
SNPA Address
local DTE address of HSI port
Confirm the settings with Apply and Save and close the Device Configuration window.
4. Application Selector configuration:

From the Configuration pull-down list in the Stack Manager select Application Selectors.
The Application Selectors window is opened.
From the Network Access pull-down list select X.25 and from the Applications pull-down list select
FTAM.
Figure 5-16: Window Application Selectors in Solstice OSI software

Define the Selectors of the local FTAM Initiator Application here. You can make entries in character and
hexadecimal format. For communication to many FTAM Partner systems these Application Selectors
must correspond to the entries for the remote system administered in the partner systems.
Confirm the entries with Apply and Save and close the Device Configuration window.
5. Configuration of Transport Layer:
In the Stack Manager window select Transport over CONS. The parameters for Transport over CONS
are displayed in the Stack Manager window:
170/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-17: Stack Manager in Solstice OSI software Configuration of Transport over CONS
Perform the following administration tasks:
Max PDU Size
4096
Class Options
Class 0 Only
Confirm the entries with Apply.

In the Stack Manager window, select the CONS entry. The parameters for CONS are displayed in the
Stack Manager window:
A30828-X9410-B082-35-7619
171/185

Issue 35
Figure 5-18: Stack Manager in Solstice OSI software Configuration of CONS
Check/Edit the correct value for Default X.25 Packet Size.

Confirm the entries with Apply and close the Stack Manager window.
7. Network Layer Addresses:

To define the access points to the X.25 Network, select the Network Layer Addresses icon from the Main
Window of ositool. The Network Layer Addresses window is opened.
From the NSAP Family pull-down list select Free form. For the Type used, select CONS:
Figure 5-19: Window Network Layer Addresses of Solstice OSI software

In the NSAP field, enter the complete NSAP address of the LIOS server as it is configured at every NE,
without separator.
172/185
A30828-X9410-B082-35-7619

Issue 35
Confirm the entries with Apply and close the Network Layer Addresses window.
5. Route Manager:
Configure the route manager of the OSI Stack for two kinds of partner systems, LEA and NE.
For FTAM to LEA, you must configured the routing software of the OSI Stack in such a way that the DTE
address of a partner system is derived from the NSAP address. Therefore you must configure prefix
routes.
For FTAM to NE a routing entry for each NE is necessary. Therefore you must configure host routes.
To define the routing entries of the OSI Stack, select the Route Manager icon in the main window of
Ositool.
Figure 5-20: Route Manager window Prefix Routes

Configuration of Prefix Routes to LEA
From the Category list select Prefix Routes and from Network select CONS.
Remove all existing (preconfigured) routes not needed for the applications to be used (e.g. routes with
NSAPs beginning with AFI = 52).
Configure all routes needed for the applications. Care is to be taken when you are configuring more
routing entries for the same AFI. The routing software walks through the entries from the beginning of the
table to the end. E.g. you have to configure the route for a DTE address with only 13 digits (SNPA Offset
3) before the route for a DTE address with 14 digits (SNPA Offset 2). Otherwise the Routing entry for
DTE addresses with 14 digits would be used for the DTE addresses with 13 digits, too.
For each routing entry to be configured select Extract Route. Define SNPA Offset (leading digits of the
NSAP address, that are not part of the DTE address) and the SNPA Length (length of the DTE address).
In addition, define the X.25 Service... parameters for each entry:
A30828-X9410-B082-35-7619
173/185

Issue 35
Figure 5-21: Remote X.25 Features window

Select Use Flow Control Parameter Negotiation if Flow Control is required for the connections used and
select the parameter values to be negotiated (Local/Remote Packed Size, Local/Remote Window Size).
Select Use Closed User Group and define the CUG Value if Closed User Group is required for the
connections used.
For X.25 Link Type you must select the value 1988 or 1984. For Addressing Mode you must
select CONS-84/88. Otherwise deriving of the DTE address from the NSAP address will not work.
Configuration of Host Routes to NE

From the Category list, select Host Routes from and Network select CONS.
Remove all existing (preconfigured) routes not needed for the applications to be used.
For each NE, configure a host routing entry as is shown in the following figures.
Figure 5-22: Route Manager window Host Routes
174/185
A30828-X9410-B082-35-7619

Issue 35
For each routing entry to be configured, select Direct Route and define NSAP (NSAP address) and
SNPA (DTE address).
In addition, define the X.25 Service... parameters for each entry:
Figure 5-23: Remote X.25 Features window

If Flow Control is required for the connections used, select Use Flow Control Parameter Negotiation and
the parameter values to be negotiated (Local/Remote Packed Size, Local/Remote Window Size).
If Closed User Group is required for the connections used, select Use Closed User Group and define the
CUG Value.
For X.25 Link Type you must select the value 1988 or 1984. For Addressing Mode you must select
CONS-84/88.
Save all administration tasks saved with Save in the main window and stop Ositool.
If the entries made are not saved before Ositool is stopped, all changes will be lost!
Now the local configuration of the OSI Stack is finished.

5.3.5
Configuring the Solstice FTAM software
For configuring the Solstice FTAM software proceed as follows:

1. Login into the LIOS server with root user ID.
2. Disable the automatic start of the FTAM responder by renaming the startup file:
mv /etc/rc3.d/S147osiftrd /etc/rc3.d/s147osiftrd
(replace S with s)
The Responder function is not used for LIOS. A running FTAM Responder can be a security risk!
Start the Solstice FTAM Configuration tool ftamtool:
/opt/SUNWconn/bin/ftamtool
The main window of the FTAM Configuration Tool is displayed.
A30828-X9410-B082-35-7619
175/185

Issue 35
Figure 5-24: FTAM Configuration Tool of Solstice FTAM software main window
3. Configuration of local Initiator:
In the main window of the FTAM Configuration Tool, select the Local Initiator icon. The Local
Initiator Configuration window is opened:
Figure 5-25: Local Initiator Configuration of Solstice FTAM software

Disable the FTAM-2, NBS-9 and INTAP-1 document types (these document types are not used for
LIOS).
Confirm the entries made with Apply and OK.
Close the FTAM Configuration Tool.
176/185
A30828-X9410-B082-35-7619

Issue 35
The Responder function of Solstice FTAM is not used for LIOS, so you need not configure the Local
Responder. The Remote Systems Database is not configured by the ftamtool. This is done by the
LIOS applications Host Administration and LEA Administration, which allow partner administration from
remote hosts (NEs and LEAs).
This finishes the configuration of the local FTAM Stack.
5.4 Installing TopSec System (optional)

5.4.1
Overview
The Siemens TopSec System is used for Encryption of User Data in ISDN B Channel between two
Communication Partners. It contains the following products:
TopSec 702(703)
ISDN Encryption Box for ISDN BRI Interface
TopSec 730
ISDN Encryption Box for ISDN PRI Interface
TopSec administration software
For LIOS one TopSec 730 is installed between BinTec Bianca XL2 and the Network Terminator. The
TopSec 702 (or TopSec 703) are placed between the Network Terminator and the ISDN Terminaladapter.
The following picture gives a short overview about the hardware configuration of the TopSec Boxes in
combination wit LIOS:
A30828-X9410-B082-35-7619
177/185

Issue 35
LIO S client
LIO S server
( X.25)
X25/ISD N Router
BinTec Bianca XL2
TopSec
730
N etwork
term inators
ISD N N etw ork
N etwork term inator
TopSec
703 (702)
ISD N Term inaladapter
N etwork Elem ents

EW SD
Figure 5-26: Hardware Configuration overview of LIOS
5.4.2
Installation of administration software
The Installation of the administration software has to be done on one of the LIOS Servers.
The following steps have to be executed:
1. Install the administration software as described in [6], Section 2.
2. Initialize the administration software and define an administrator password as described in [6],
Section 5.
3. Login to the System as described in [6], Section 5.1 and create a Key Backup as described in [6],
Section 5.2 on a floppy disk. With this Key Backup file it is possible to login to the administration
software if you have forgotten your administrator password.
4. Define the system configuration of the administration program as described in [6], Section 5.4.
178/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-27: Configuration of the TopSec Administration Tool

5. Define the default configuration of the TopSec Boxes as described in [6] Section 5.5.1.
The following parameters have to be entered (for the other parameters the default values should be
used):
Parameter
Parameter value
Speech, going out
Always encrypted
Plain incoming speech
Not selected
Data, going out
Always encrypted
Plain incoming data
Not selected
Membership
Group 1
Layer Activity
Layer 1 and 2 always active
Table 5-3: Default parameters for the administration of TopSec Boxes
A30828-X9410-B082-35-7619
179/185

Issue 35
Figure 5-28: Default Configuration of the TopSec Boxes
5.4.3
Initialization of TopSec Boxes
Before any TopSec Box can be used in the administered system it has to be initialized. The initialization
of the TopSec Boxes can only be done via a serial port, Initialization via ISDN is not possible. To connect
the LIOS server with the given TopSec Box, the serial cables delivered with the administration software
have to be used:
TopSec 730: Connect the serial cable with a free serial port of the LIOS server and the serial port
placed on the front side of the TopSec 730 Box
TopSec 702 (703): Connect the serial cable with a free serial port of the LIOS server and the middle
S0 Port (RJ45) of the TopSec 702 (703) Box.
To add a new TopSec Box to the system you have to do the following:
1. Connect the new box to the serial port of the LIOS server as described above
2. Generate a new entry in the Device table as described in [6], Section 5.5.3
The following parameters have to be entered in addition to the default configuration:
Parameter
Parameter value
Device ID
Any unique number higher than 2
Type of the Box
Enter the correct value 730, 702 703
Dial Number
Enter the correct dial number necessary for calling the

TopSec Box via ISDN (administration)
Description
Optional: any describing text
Table 5-4: Parameters for a new TopSec Box
180/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-29: Device Table with all configured TopSec Boxes

3. Initialize the new box as described in [6], Section 5.5.5
After this initialization task the TopSec box can be put to its operating destination and plugged into the
ISDN connection. Any further configuration task can be done via ISDN if necessary.
5.4.4
Administration of TopSec Boxes
5.4.4.1 Firmware update

For updating the Firmware of any TopSec Box you have to do the following:
1. Select the given TopSec Device in the Devices Table through a double-click on the Device ID field
2. Enter the name of the new firmware file, that resides in the directory specified in the configuration
window. Close the window.
(These two tasks have to be done for every TopSec Box, for which the firmware has to be updated.)
3. Select all TopSec Boxes you want to update.
4. Change to the Jobs window and select Firmware Update.
5. Start the Firmware Update by pressing on Start Selected Job
A30828-X9410-B082-35-7619
181/185

Issue 35
Figure 5-30: Jobs form of the TopSec Administration

The update of the firmware takes a few minutes for every TopSec Box.
5.4.5
Switch to Plain Data Transfer
For test purposes or if there are problems with the encrypted data transfer on the ISDN connection, it is
possible to switch from encrypted to plain data transfer. Therefore you have to do the following:
1. Select every TopSec Box you want to modify and change the following two parameters
Parameter
Parameter Value
Data, going out
Always clear
Plain incoming data
Selected
Table 5-5: Parameter table for changing to plain data transfer
182/185
A30828-X9410-B082-35-7619

Issue 35
Figure 5-31: Device Configuration of TopSec Box for plain data transfer
For proper functioning of the whole LIOS configuration you have to change this behavior for every
Box, that is involved.
2. Select every TopSec Box, that has to be updated.
3. Change to the Jobs form and select Parameter Update.
4. Start the Parameter Update by pressing on Start Selected Job
To configure the functionality back (from plain to encrypted) you have to execute the same steps with the
original parameter values.
A30828-X9410-B082-35-7619
183/185

Issue 35
Annex 1: external alarming email and SMS formats
If external alarming has been purchased, it is possible to send alarms as a message via the PIMS
application to external targets. The PIMS application sends the alarm message to the recipients as email
or SMS. The next sections describe the look of a message for each medium.
6.1 Format of the alarm message for email

The personal name in the From part contains the alarm name. The body of the email contains the rest of
the alarm message. Each line contains a parameter. Possible parameters are:
The creation time of the alarm (format: <d.m hh:mm>). This parameter is mandatory.
The hostname of the LIOS server on which the alarm was processed. This parameter is mandatory.
NE to which the observation belongs (in case of observation-related alarms). This parameter is only
mandatory for group alarms.
LIOS operator to whom the observation belongs. This parameter is only mandatory for group alarms.
LIOS operator group to which the observation belongs. This parameter is only mandatory for group
alarms.
Unique observation identifier. This parameter is only mandatory for group alarms.
Description of the alarm. This parameter is mandatory.
Example:
5.5 23:59
Host1
NE:EWSD1
User:op1
Group:opgroup1
OBSid:123
Desc:Error
6.2 Format of the alarm message for SMS

The whole alarm message is sent as a single SMS. Since the length of an SMS is limited to 160
characters, it is possible that the description of the alarm is truncated.
Each line contains a parameter, except the first line (contains two parameters). The line content is:
The alarm name followed by the separator (:) and the creation time of the alarm (format: <d.m
hh:mm>). These parameters are mandatory.
The hostname of the LIOS server on which the alarm was processed. This parameter is mandatory.
NE to which the observation belongs (in case of observation related alarms). This parameter is only
mandatory for group alarms.
LIOS operator to whom the observation belongs. This parameter is only mandatory for group alarms.
LIOS operator group to which the observation belongs. This parameter is only mandatory for group
alarms.
Unique observation identifier. This parameter is only mandatory for group alarms.
Description of the alarm. This parameter is mandatory.
Example:
184/185
A-OIF-00004:5.5 23:59
Host1
NE:EWSD1
User:op1
Group:opgroup1
OBSid:123
Desc:Error
A30828-X9410-B082-35-7619

Issue 35
Annex 2: LIOS supported network elements
The following network elements are supported by LIOS:
Network element
Version
Siemens EWSD
Versions 11 - Version 18
Siemens Surpass hiE9200
Version 1, Version 3, Version 3.2
Version 4
Release 8, Release 10, Release 11
Release 9, Release 10, Release 11
Siemens IN@vantage
Version 7.5 FN
Siemens Mobile (MSC)
Version SR9, SR10, SR11 and SR12
Siemens IP mediation device
Version 3.5
Alcatel S12
MODEL 1400
Huawei C&C08
Version C&C08
Huawei GSM
Based on HUAWEI interface specification version 1.24
Nortel (KCC LIM) *
Version OES-D
Utimaco IMS
RAI 2.0
Table 7-1: LIOS supported network elements
*) Via Lawful Interception Manager (LIM) by KCC.
A30828-X9410-B082-35-7619
185/185

Um Adm V82 35 Ius

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Um Adm V82 35 Ius

Uploaded by

Copyright:

Available Formats

s

User Manual Administrator

All Rights Reserved.

LIOS V8.2 User Manual Administrator

Copyright 2007 Siemens AG sterreich (Siemens Austria)

LIOS V8.2 User Manual Administrator

List of Figures .......................................................................................................................10

List of Tables ........................................................................................................................12

Documentation overview ......................................................................................................14

Target group and structure of this manual ...........................................................................14

SYSTEM DESCRIPTION ....................................................................................15

The Siemens Lawful Interception solution............................................................................15

WORKING WITH LIOS........................................................................................27

The LIOS GUI.......................................................................................................................27

User Administration ..............................................................................................................33

User Administration: Groups ................................................................................................38

Host Administration: NEs......................................................................................................42

LIOS V8.2 User Manual Administrator

Siemens hiQ 4200 and 8000 ................................................................................................48

Host Administration: OS Servers..........................................................................................70

Host Administration: LIOS Servers.......................................................................................80

Host Administration: NE Networks .......................................................................................85

LEA Administration ...............................................................................................................89

LIOS V8.2 User Manual Administrator

Siemens MSC observation parameters................................................................................96

LEA Administration: CUGs .................................................................................................110

About alarms ......................................................................................................................112

Alarm browser ....................................................................................................................119

MML Handling ....................................................................................................................127

MML console ......................................................................................................................127

MML browser ......................................................................................................................133

SPECIAL WORKING PROCEDURES...............................................................141

Ticket buffer management (only for EWSD and hiQ/E9200) .............................................141

Configuring LI NE alarm filtering (lios.properties file).........................................................143

Configuring cyclic DB synchronization ...............................................................................144

Automatic DN synchronization following a Massive DN modification alarm.....................144

Upgrading the LIOS license................................................................................................144

Setting up a new EWSD or hiQ/E9200 NE in the LIOS system ........................................145

Handling an EWSD / hiQ/E9200 upgrade ..........................................................................145

Setting ETSI properties for NE ID (X.25 and E.164) ..........................................................146

Configuring maximum number of NE connections for EFD Administration .......................146

LIOS V8.2 User Manual Administrator

Setting active/passive FTP to LEAs and MCs (LIOS.properties file) .................................147

Switching parallel ticket sending on and off (LIOS.properties file) .....................................147

NTP Configuration for LIOS................................................................................................148

Turning off the LIOS-proprietary time synchronization.......................................................152

Changing export format (field delimiter) in the LIOS.properties file ...................................152

SYSTEM CONFIGURATION .............................................................................154

FTAM configuration ............................................................................................................155

Installing TopSec System (optional)...................................................................................177

ANNEX 1: EXTERNAL ALARMING EMAIL AND SMS FORMATS ................184

Format of the alarm message for email..............................................................................184

Format of the alarm message for SMS ..............................................................................184

ANNEX 2: LIOS SUPPORTED NETWORK ELEMENTS ...............................185

LIOS V8.2 User Manual Administrator

Application Entity Qualifier

Address Facility Identification

Application Program Qualifier

BInTec Advanced Network Communication Architecture

ISDN Basic Rate Interface

Call Data Channel

Common Gateway Interface

LIOS V8.2 User Manual Administrator