- Enables mobile network operators and IT security administrators to detect unauthorised network devices
- This uncovers mobile tethering fraud and prevents cyberattacks
ipoque GmbH, a Rohde & Schwarz company for providing deep packet inspection (DPI) software, announces the launch of an easy-to-integrate software plug-in for network address translation (NAT) detection and mobile tethering transparency suitable for analytics and cybersecurity vendors. The plug-in, in combination with the OEM DPI software R&S®PACE 2 detects NATing and devices behind the corresponding routing device, as well as the applications used.
Detecting NATing and the devices behind it is difficult. Routers, wireless access points or smartphones with tethering option, are capable of mapping multiple devices to one publicly exposed IP address. Private and public network areas are separated with NAT. Since multiple network devices with their distinct private IP addresses hide behind a single public IP address, network resources can be misused.
This promotes tethering fraud, as subscribers exploit tethering to use mobile internet access for laptops or tablets or to grant secondary users free access to their data plans. It also poses a threat to enterprise environments as unauthorised devices such as personal devices are outside the scope of traditional IT security and are able to create an insecure access point to the internal enterprise network.
Detecting any misuse
With the new NAT/ mobile tethering transparency plug-in, analytics and cybersecurity vendors can now enhance their solution with cutting-edge IP traffic analytics to reveal devices behind a NATing device and tethering fraud in a specific network. By using such a solution, mobile network operators can detect and bill subscribers for unauthorised use of their data plans, and IT administrators can secure their networks.
The NAT/ mobile tethering transparency plug-in requires R&S®PACE 2. It adds IP traffic analytics capabilities to network analytics, traffic management and network security solutions by classifying thousands of applications and protocols and providing content and metadata extraction regardless of whether the protocols use advanced obfuscation, port-hopping techniques or encryption. With no vendor lock-in and thanks to open APIs, both R&S®PACE 2 and the plug-in itself are easy to integrate and simple to manage.