“Anti-NAT” – the system designed for processing the information about communication services provided to subscribers, as well as for identification of the internal address of the subscriber.
“Anti-NAT” is developed in accordance with the Government Resolution №538 from August 27, 2005 about “the Rules for Interaction by Communication Operators with Authorized Government Agencies conducting operative crime detection activities”.
4 10GE ports: 2 on the traffic input “before NAT”, 2 on the traffic input “after NAT”.
Types of saved fields:
- T (local clock of the device “Anti-NAT” flow-through time);
- LOCAL-IP (subscriber’s local address);
- LOCAL-PORT (subscriber’s port in the local network);
- GW-LOCAL-IP (local address of the gateway in the subscriber network);
- GW-GLOBAL-IP (the address from which this flow was seen on the resource);
- GW-GLOBAL-PORT (the subscriber’s port in the global network from which the subscriber was seen on the resource);
- REMOTE-IP (the global resource address);
- REMOTE-PORT (the resource service port).
“The registered information of NAT-translations in automatic mode is transferred to the Information System of the Operative-Search Activities DB “Yakhont” for processing and accumulation”
- Server for installation in the 1U high rack;
- 2 rays of feed;
- The maximum power consumption is 460W.
Principle of work:
From logs of the visited resource, for example Apache, define the external IP-adress, port and time, from which the subscriber got behind NAT and define the internal address by it.