Anti-NAT

"Anti-NAT" - the system designed  for processing the information about communication services provided to subscribers, as well as for identification of the internal address of the subscriber.

"Anti-NAT" is developed in accordance with the Government Resolution №538 from August 27, 2005 about "the Rules for Interaction by Communication Operators with Authorized Government Agencies conducting operative crime detection activities".

Technical Characterisctics:

4 10GE ports: 2 on the traffic input "before NAT", 2 on the traffic input "after NAT".

Types of saved fields:

  • T (local clock of the device "Anti-NAT" flow-through time);
  • LOCAL-IP (subscriber's local address);
  • LOCAL-PORT (subscriber's port in the local network);
  • GW-LOCAL-IP (local address of the gateway in the subscriber network);
  • GW-GLOBAL-IP (the address from which this flow was seen on the resource);
  • GW-GLOBAL-PORT (the subscriber's port in the global network from which the subscriber was seen on the resource);
  • REMOTE-IP (the global resource address);
  • REMOTE-PORT (the resource service port).

Search fields combinations:

  • T;
  • T+LOCAL-IP;
  • T+REMOTE-IP+REMOTE-PORT;
  • T+GW-GLOBAL-IP+GW-GLOBAL-PORT.

Indication of temporary parameters during the search allows to compensate the possible difference in hours between "Anti-NAT" and other devices.

Issue format:

  • CSV;
  • Table in HTML.

Energy efficiency:

  • Server for installation in the 1U high rack;
  • 2 rays of feed;
  • The maximum power consumption is 460W.

Principle of work:

From logs of the visited resource, for example Apache, define the external IP-adress, port and time, from which the subscriber got behind NAT and define the internal address by it.

The scheme of "Anti-NAT" connection:

 

 

 

 

 

 

 

 

 

 

Brochure "Anti-NAT" (pdf)