North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: IPv6 NAT
On 31 Oct 2003, at 11:43, Patrick W. Gilmore wrote: It's not the NAT that those boxes are doing which protected Joe User (no relation). It's the firewall function of those boxes -- the function which stops certain traffic being permitted through the front door -- which stopped the viruses outside the front door infecting the windows box in the dining room.Disagree.There is NO security benefit to NAT/PAT/NAPT. The $50 NAT device performs the firewall function as well as the NAT function. A $50 device which just provided the firewall function would protect Joe User just as well from viruses. The NAT function is required because Joe User requires multiple addresses, but his ISP will only give him one. That's orthogonal to the firewall function. Let's move on. Joe
|