Method and switch for lawful interception
US-2016072850-A1 · Mar 10, 2016 · US
US2016219082A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016219082-A1 |
| Application number | US-201314917343-A |
| Country | US |
| Kind code | A1 |
| Filing date | Sep 9, 2013 |
| Priority date | Sep 9, 2013 |
| Publication date | Jul 28, 2016 |
| Grant date | — |
Abstract

In accordance with an example embodiment of the present invention, a method is provided for receiving (414) from a gateway apparatus an intercept request regarding user equipment in the communication system; creating or modifying a processing rule regarding the user equipment by including interception in the rule; transmitting (502) to a network switch processing user equipment connections a command to clone and encrypt each signalling or data packet of the user equipment connection and to transmit the encrypted signalling and data packets to a given network apparatus.
Claims

1. An apparatus in a communication system, said apparatus configured to control a network switch of the communication system, said apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receive from a gateway apparatus an intercept request regarding user equipment in the communication system; create or modify a processing rule regarding the user equipment by including interception in the rule; transmit to the network switch processing user equipment connections a command to clone and encrypt each signalling or data packet of the user equipment connection and to transmit the encrypted signalling and data packets to a given network apparatus.
2. The apparatus of claim 1, wherein the apparatus is configured to, if a processing rule regarding the user equipment exists, modify the processing rule by including interception in the rule.
3. The apparatus of claim 1, wherein the apparatus is configured to, if a processing rule regarding the user equipment does not exist, create the processing rule and include an interception command in the rule.
4. The apparatus of claim 1, wherein the user equipment connection is identified by an Internet Protocol (IP) address or a General packet radio service (GPRS) tunnelling protocol (GTP) tunnel endpoint identifier (TEID).
5. The apparatus of claim 1, wherein the apparatus is configured to send the network switch processing user equipment connections a command utilising an OpenFlow secure channel.
6. The apparatus of claim 1, wherein the apparatus is configured to obtain information that the user equipment connection is terminated; and send the network switch a command to cease cloning and encrypting.
7. The apparatus of claim 1, wherein the apparatus is configured to direct cloned packets to a given output port; and wherein the apparatus comprises an encryption module configured to encrypt all packets directed to the given output port and forward the encrypted packets to a given network apparatus.
8. The apparatus of claim 1, wherein the apparatus is configured to prohibit Operation & Maintenance interfaces access to the rules related to interception.
9. An apparatus in a communication system, said apparatus configured to be controlled by a controlling network element of the communication system, said apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: process user equipment connections by directing data signalling packets between user equipment and a gateway apparatus; receive from a controlling network element an intercept command related to a given user equipment connection; clone each signalling or data packet of the given user equipment connection; encrypt the cloned signalling and data packets; and transmit the encrypted signalling and data packets to a given network apparatus.
10. The apparatus of claim 9, wherein the user equipment connection is identified by an Internet Protocol (IP) address or a General packet radio service (GPRS) tunnelling protocol (GTP) tunnel endpoint identifier (TEID).
11. The apparatus of claim 9, wherein the apparatus is configured to receive the command utilising an OpenFlow secure channel.
12. The apparatus of claim 9, wherein the apparatus is configured to receive from a controlling network element a command to cease cloning and encrypting; and cease the cloning and encrypting on the basis of the command and delete the intercept command.
13. The apparatus of claim 9, wherein the apparatus is configured to prohibit Operation & Maintenance interfaces access to the cloned signalling and data packets.
14. The apparatus of claim 9, wherein the apparatus is an OpenFlow switch.
15. An apparatus in a communication system, said apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receive from a network apparatus an intercept request regarding a user equipment in the communication system; obtain information that a connection has been set up for the user equipment; transmit, to a controlling network element that is controlling a network switch, a command to intercept the user equipment connection, the command comprising identification of the connection; and transmit to the network apparatus interception related information (IRI).
16. The apparatus of claim 15, wherein the user equipment is identified by Mobile Subscriber Integrated Services Digital Network Number, International mobile subscriber identity or International Mobile Station Equipment Identity.
17. The apparatus of claim 15, wherein the user equipment connection is identified by an Internet Protocol (IP) address or a General packet radio service (GPRS) tunnelling protocol (GTP) tunnel identifier (TEID).
18. A method in a communication system, comprising: receiving, by a controlling network element, from a gateway apparatus an intercept request regarding user equipment in the communication system; creating or modifying a processing rule regarding the user equipment by including interception in the rule; and transmitting to a network switch processing user equipment connections a command to clone and encrypt each signalling or data packet of the user equipment connection and to transmit the encrypted signalling and data packets to a given network apparatus.
19.-25. (canceled)
26. A method in a communication system, comprising: processing, by a network switch, user equipment connections by directing data signalling packets between user equipment and a gateway apparatus; receiving from a controlling network element an intercept command related to a given user equipment connection; cloning each signalling or data packet of the given user equipment connection; encrypting the cloned signalling and data packets; and transmitting the encrypted signalling and data packets to a given network apparatus.
27.-30. (canceled)
31. A method in a communication system, comprising: receiving, by a gateway apparatus, from a network apparatus an intercept request regarding user equipment in the communication system; obtaining information that a connection has been set up for the user equipment; transmitting, to a controlling network element that is controlling a network switch, a command to intercept the user equipment connection, the command comprising identification of the connection; and transmitting to the network apparatus interception related information (IRI).
32. (canceled)
33. (canceled)
34. A non-transitory computer readable storage medium storing instructions which, when executed by one or more processors of an apparatus, at least one of a first method, a second method, and a third method, wherein the first method comprises: receiving from a gateway apparatus an intercept request regarding user equipment in the communication system; creating or modifying a processing rule regarding the user equipment by including interception in the ru
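The claims describe a three-party split: the controlling element keeps the rule table and decides whether to create or modify a rule (claims 1 to 3, 6, 8), while the switch does the per-packet work of cloning, encrypting and forwarding, and stops on a cease command (claims 9, 12, 13). The following is an added, constructed model of that interplay; it is not code from the patent or from any OpenFlow controller. The class names, the `LI_PORT`-style command dictionaries and the `keystream_xor` routine are assumptions, and the "cipher" is a SHA-256 counter-mode keystream used only so the demo runs on the standard library; a real deployment would use an authenticated cipher over the OpenFlow secure channel and toward the interception apparatus.

```python
"""Constructed model of the controller/switch split in the claims (added example)."""
from dataclasses import dataclass, field
import hashlib


@dataclass
class FlowRule:
    match: str                                   # "ip=..." or "teid=..." (claims 4, 10)
    actions: list = field(default_factory=lambda: ["forward:gateway"])
    intercept: bool = False                      # interception included in the rule (claims 1-3)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Placeholder stream cipher (assumption): SHA-256(key||nonce||counter) blocks XORed over data.
    Symmetric, so the same call decrypts. Not a substitute for a real AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class OpenFlowSwitch:
    """Switch side (claims 9-14): forwards every packet, clones and encrypts intercepted ones."""

    def __init__(self, key: bytes):
        self.key = key
        self.intercepts: dict = {}               # connection id -> per-connection packet counter
        self.delivered: list = []                # packets sent on the normal path to the gateway
        self.li_out: list = []                   # (conn, nonce, ciphertext) toward the LI apparatus

    def apply_command(self, cmd: dict) -> None:
        if cmd["op"] == "intercept":
            self.intercepts.setdefault(cmd["conn"], 0)
        elif cmd["op"] == "cease":               # claim 12: cease and delete the intercept command
            self.intercepts.pop(cmd["conn"], None)

    def process(self, conn: str, packet: bytes) -> None:
        self.delivered.append((conn, packet))    # the subscriber's traffic is not altered
        if conn in self.intercepts:              # claim 9: clone, encrypt, forward the clone
            n = self.intercepts[conn]
            self.intercepts[conn] = n + 1
            nonce = conn.encode() + n.to_bytes(4, "big")   # unique per cloned packet
            self.li_out.append((conn, nonce, keystream_xor(self.key, nonce, packet)))

    def om_dump(self) -> list:
        """Claim 13: an O&M interface gets the forwarding state, never the cloned packets."""
        return list(self.delivered)


class Controller:
    """Controlling element (claims 1-8): owns the rule table and commands the switch."""

    def __init__(self, switch: OpenFlowSwitch):
        self.rules: dict = {}
        self.switch = switch

    def intercept_request(self, conn: str) -> FlowRule:
        rule = self.rules.get(conn)
        if rule is None:                         # claim 3: no rule yet, so create one
            rule = FlowRule(match=conn)
            self.rules[conn] = rule
        rule.intercept = True                    # claim 2: rule exists, so modify it in place
        self.switch.apply_command({"op": "intercept", "conn": conn})
        return rule

    def connection_terminated(self, conn: str) -> None:
        """Claim 6: the connection is gone, so tell the switch to stop cloning."""
        self.switch.apply_command({"op": "cease", "conn": conn})
        self.rules.pop(conn, None)

    def om_view(self) -> list:
        """Claim 8: O&M sees match/actions but no interception fields."""
        return [{"match": r.match, "actions": list(r.actions)} for r in self.rules.values()]


if __name__ == "__main__":
    sw = OpenFlowSwitch(key=b"k" * 32)          # constructed key, demo only
    ctl = Controller(sw)
    ctl.intercept_request("ip=10.0.0.5")
    sw.process("ip=10.0.0.5", b"constructed user packet")
    sw.process("ip=10.0.0.7", b"unrelated user packet")
    print(len(sw.delivered), "forwarded,", len(sw.li_out), "encrypted clone(s)")
    ctl.connection_terminated("ip=10.0.0.5")
    print("O&M view:", ctl.om_view())
```

The point the model makes visible is that the interception state lives in two places that must be kept in sync (the controller's rule flag and the switch's `intercepts` table) and that both O&M views are computed from fields that never include the interception flag or the cloned packets, which is the property claims 8 and 13 depend on.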
CPC classification titles:
- Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
- Intercepting packet switched data communications, e.g. Web, Internet or IMS communications
- Wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- Of the control plane, e.g. signalling traffic
- Of the user plane, e.g. user's traffic