Tracing Network Activity with CGNAT and Subscriber-Aware Logging (A10 LightTalk 101)

In this video we look at implementing Carrier-Grade NAT (CGNAT) with subscriber-aware logging in a service provider deployment. To comply with federal regulations, service providers keep track of network activity of subscribers by maintaining logs of mapping from a subscriber’s private IP address to public IP address as the subscriber traverse the internet. However this is not sufficient to trace malicious network activity to the real subscriber and the process of doing so involves going through different sets of logs maintained by different groups. This process can take a long time and involves multiple groups.

A10’s solution of CGNAT with subscriber-aware logging resolves this challenge by logging a single unified message with all the subscriber details along with CGNAT mapping. This greatly reduces the time to trace network activity to the actual subscriber as well enables consolidation of multiple log databases into a single one.