"Anti-NAT" - the system designed  for processing the information about communication services provided to subscribers, as well as for identification of the internal address of the subscriber.

"Anti-NAT" is developed in accordance with the Government Resolution №538 from August 27, 2005 about "the Rules for Interaction by Communication Operators with Authorized Government Agencies conducting operative crime detection activities".

Technical Characterisctics:

4 10GE ports: 2 on the traffic input "before NAT", 2 on the traffic input "after NAT".

Types of saved fields:

  • T (local clock of the device "Anti-NAT" flow-through time);
  • LOCAL-IP (subscriber's local address);
  • LOCAL-PORT (subscriber's port in the local network);
  • GW-LOCAL-IP (local address of the gateway in the subscriber network);
  • GW-GLOBAL-IP (the address from which this flow was seen on the resource);
  • GW-GLOBAL-PORT (the subscriber's port in the global network from which the subscriber was seen on the resource);
  • REMOTE-IP (the global resource address);
  • REMOTE-PORT (the resource service port).

"The registered information of NAT-translations in automatic mode is transferred to the Information System of the Operative-Search Activities DB "Yakhont" for processing and accumulation"

Energy efficiency:

  • Server for installation in the 1U high rack;
  • 2 rays of feed;
  • The maximum power consumption is 460W.

Principle of work:

From logs of the visited resource, for example Apache, define the external IP-adress, port and time, from which the subscriber got behind NAT and define the internal address by it.

The scheme of "Anti-NAT" connection: