Anti-NAT

«Anti-NAT» — the system designed  for processing the information about communication services provided to subscribers, as well as for identification of the internal address of the subscriber.

«Anti-NAT» is developed in accordance with the Government Resolution №538 from August 27, 2005 about «the Rules for Interaction by Communication Operators with Authorized Government Agencies conducting operative crime detection activities».

Technical Characterisctics:

4 10GE ports: 2 on the traffic input «before NAT», 2 on the traffic input «after NAT».

Types of saved fields:

  • T (local clock of the device «Anti-NAT» flow-through time);
  • LOCAL-IP (subscriber’s local address);
  • LOCAL-PORT (subscriber’s port in the local network);
  • GW-LOCAL-IP (local address of the gateway in the subscriber network);
  • GW-GLOBAL-IP (the address from which this flow was seen on the resource);
  • GW-GLOBAL-PORT (the subscriber’s port in the global network from which the subscriber was seen on the resource);
  • REMOTE-IP (the global resource address);
  • REMOTE-PORT (the resource service port).

Search fields combinations:

  • T;
  • T+LOCAL-IP;
  • T+REMOTE-IP+REMOTE-PORT;
  • T+GW-GLOBAL-IP+GW-GLOBAL-PORT.

Indication of temporary parameters during the search allows to compensate the possible difference in hours between «Anti-NAT» and other devices.

Issue format:

  • CSV;
  • Table in HTML.

Energy efficiency:

  • Server for installation in the 1U high rack;
  • 2 rays of feed;
  • The maximum power consumption is 460W.

Principle of work:

From logs of the visited resource, for example Apache, define the external IP-adress, port and time, from which the subscriber got behind NAT and define the internal address by it.

The scheme of «Anti-NAT» connection: