Hi,
There are several conflicting requirements, including:
- requirement to run a business which makes money - constraints on IPv4 addresses which mandate NAT - law enforcement requirements, mandating either logging / port tracking - network telemetry
law enforcement requirements aren't generally an issue until you get hit up by a LEA / court order, at which point they become critical to ensuring that your management doesn't end up displaying contempt of court. For some reason, management can get quite excited about this - more so than any enthusiasm they might ever show for good quality network telemetry.
I am so glad that Dutch law enforcement officially confirmed that logging is not allowed by law because of privacy impact, and that port tracking is not required. Yes: they see that this will cause problems. But "it's the law" (at least, the current law). - Sander