Due to the low cost and the convenience of Internet, the Voice over Internet Protocol（VoIP）services are also attracting the subscribers of the traditional telephone to turn to use this new technology. For VoIP to be commercialized, it must support Lawful Interception which is required by the Law Enforcement Agency of each country. In contrast to the Public Switched Telephone Network（PSTN）which has a good monitoring system, it is more difficult to develop a monitoring system for VoIP because the sound transmission in VoIP need not go through the central office (CO). 　 Recently, a few VoIP monitoring systems are proposed, but most of them need to revise the SIP proxy server behavior. They rely on the SIP proxy server to modify the SIP message body to conduct the monitoring. However, SIP is an open communication protocol; anyone may develop his/her own SIP server, so the server-based solution of monitoring will not always work. Moreover, because redirecting the packet flow to the monitoring device will change the route, it may be easy for people to detect that their conversation is being monitored. Users may also apply S/MIME to encrypt the contents of the SIP message body to prevent them from being modified by the SIP proxy server. Furthermore, the system stores the audio conversation in files, so the disk I/O will cause significant performance issues. As the requests for more monitoring increase, this will become the performance bottleneck. 　 To conquer the above pitfalls, this thesis proposes a distributed architecture of VoIP monitoring. We will distribute the monitoring equipment in many subnets, and wiretapping can be done by immediately passing the intercepted audio packets to the Law Enforcement Agency. In a word, this thesis proposes an architecture which is easy to deploy in different environments without amending the existing SIP proxy server, and it can support the real-time monitoring of audio conversation easily.