On Fri, Jan 7, 2011 at 8:02 PM, Dobbins, Roland <rdobbins@arbor.net> wrote:
NAT has no inherent security benefits whatsoever.
Hi Roland, With that statement, you paint with a remarkably broad brush. As you know, folks use (or perhaps misuse) the term "NAT" to describe everything from RFC 1631 to so-called "transparent proxies" which are basically bastion hosts with some fancy behavior on the interior interface. I presume you don't intend us to conclude that a bastion host firewall provides no security benefit to the equipment it protects. Would you care to clarify which of that range of technologies you consider to serve no security function? Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.comĀ bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004