SCAT DPI exports statistics by protocol and by direction in NetFlow v5 format. This format is supported by most free and commercial tools for collecting and analysing statistics. For your convenience, we provide free software to view and analyse the statistics: a slightly adapted version of nfsen, with extensions to build reports by protocol and by autonomous system name.
Transmitting DPI information over NetFlow v5 has some peculiarities:
- The detected protocol is carried in the dstport field (port number). The port number assigned to the protocol by IANA is used when available. For protocols with floating port numbers (torrents, Skype and so on), a special number in the upper range (49152-65534) is reserved. IANA designates this range for private ports. The port number 65535 is assigned to traffic whose protocol could not be detected.
- The per-protocol statistics are transmitted in aggregated form. DPI accumulates the statistics for each protocol by combining information from various sessions, then sends this information to a collector on the specified schedule. This method dramatically reduces the amount of transmitted data.
- Direction information is carried in the dst_as field (autonomous system number).
- The per-direction statistics are transmitted in aggregated form. DPI accumulates the statistics for each direction (AS number) by combining information from various sessions, then sends this information to a collector on the specified schedule. This method dramatically reduces the amount of transmitted data.
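A collector-side sketch of how these conventions are read back out of a NetFlow v5 datagram, added here as an example (it is not SCAT's or nfsen's code). The record layout is the standard NetFlow v5 one; the function names, the sample datagram and the choice to read dstport and dst_as from every record are assumptions made for illustration.

```python
import struct
from collections import defaultdict

HEADER = struct.Struct("!HHIIIIBBH")                 # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")   # 48-byte NetFlow v5 flow record

def classify_dstport(port):
    """Interpret dstport as the protocol identifier described above."""
    if port == 65535:
        return "undetected"
    if 49152 <= port <= 65534:
        return "dpi-assigned"   # floating-port protocol; the id-to-name map is vendor data
    return "iana"

def parse_datagram(data):
    """Validate one NetFlow v5 datagram and return its records as dicts."""
    if len(data) < HEADER.size:
        raise ValueError("datagram shorter than NetFlow v5 header")
    version, count = HEADER.unpack_from(data)[:2]
    if version != 5:
        raise ValueError(f"unexpected NetFlow version {version}")
    # v5 carries at most 30 records; reject truncated or padded datagrams
    if not 1 <= count <= 30 or len(data) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    records = []
    for i in range(count):
        f = RECORD.unpack_from(data, HEADER.size + i * RECORD.size)
        records.append({"packets": f[5], "octets": f[6], "proto_id": f[10],
                        "kind": classify_dstport(f[10]), "dst_as": f[16]})
    return records

def totals(records):
    """Sum octets per protocol id and per destination AS."""
    by_proto, by_as = defaultdict(int), defaultdict(int)
    for r in records:
        by_proto[(r["kind"], r["proto_id"])] += r["octets"]
        by_as[r["dst_as"]] += r["octets"]
    return dict(by_proto), dict(by_as)

def build_sample():
    """Constructed sample datagram (not captured from a real DPI device)."""
    rows = [(443, 64500, 1000), (49200, 64501, 2000), (65535, 64500, 300)]
    zero = b"\x00" * 4
    body = b"".join(RECORD.pack(zero, zero, zero, 0, 0, 10, octets, 0, 0, 0,
                                dstport, 0, 0, 0, 0, 0, dst_as, 0, 0, 0)
                    for dstport, dst_as, octets in rows)
    return HEADER.pack(5, len(rows), 0, 0, 0, 0, 0, 0, 0) + body
```

Because dstport here is a protocol identifier rather than a real destination port, port-based rules in a generic NetFlow collector or detection pipeline should not be applied to this export without the classification step.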
Planned development:
IPFIX support.