My organization has a facility in Thailand. However, we provide internet service to all of our Asian sites through a regional link in Hong Kong. Late 2007 and early 2008 Thailand passed a law (B.E. 2550) requiring service providers to maintain 90 days of internet traffic data logs. The logging requirements are pretty detailed. Some of the requirements include:
* Data that can identify and trace to the source of origin, starting point, destination point, and the paths of communication of the computer system.
* Data that can specify date, time and period of time of communication of the computer system.
*Internet data arisen from accessing to network system (translated from Thai):
- Access logs specific to authentication and authorization servers, such as TACACS or RADIUS or DIAMETER
- Date and time of connection of client to server.
- User ID
- Assigned IP address
* Internet data on email servers
- SMTP logs:
-- Message ID
-- Sender email address
-- Receiver email address
-- Status indicator which are electronics mail successfully sent, returned electronics mail, delayed electronics mail, etc.
- IP address of client connected to server
- Date and time of connection of client connected to server
- IP address of sending computer
- User ID, if any.
- POP3 or IMAP4 log
There are other similar categories and logging requirements. Is there anyone out there providing internet access to sites in Thailand and you have chosen a solution to meet these logging requirements? If so, what solution did you choose? If you have implemented a logging solution elsewhere what solution did you choose and what solutions did you consider?
Your help is greatly appreciated!