On Wed, Mar 21, 2007 at 2:41 AM, Tarig Ahmed <tariq198487@hotmail.com> wrote:
We have wide range of Public IP addresses, I tried to assign public ip directly to a server behined firewall( in DMZ), but I have been resisted. Security guy told me is not correct to assign public ip to a server, it should have private ip for security reasons.
Is it true that NAT can provide more security?
Thanks,
Tarig Yassin Ahmed
I assume you are talking about the protection to the current running "public facing" servers, hence the NAT could not provide more protection to them compares to a proper configed firewall. However, for a small business who does not have its own ASN & Provider Independent IP block(s), a NAT (NAT44 and NAT66) could provide lots of protection on IT resources when there is a need to install multiple Internet access lines for providing quickly failover (manual or automatic, doesn't matter) and/or load-sharing capability to end users. -- Michel~