Owen DeLong <owen@delong.com> writes:
In all reality:
1. NAT has nothing to do with security. Stateful inspection provides security, NAT just mangles addresses.
You know that, I know that and (hopefully) all people on this list know that. But NAT == security was and still is sold by many people.
Most customers don't know or care what NAT is and wouldn't know the difference between a NAT firewall and a stateful inspection firewall.
I Agree. But there are also many people who want to believe in NAT as security feature. After one of my talks about IPv6 the firewall admins of a company said something like: "So we can't use NAT as an excuse anymore and have to configure firewall rules? We don't want this." cheers Jens -- ------------------------------------------------------------------------- | Foelderichstr. 40 | 13595 Berlin, Germany | +49-151-18721264 | | http://blog.quux.de | jabber: jenslink@guug.de | ------------------- | -------------------------------------------------------------------------