Saturday, July 9, 2011

NAT Is Not Security

At best, Network Address Translation is security by obscurity. In other words, NAT is not security. Where did this idea come from? Even worse, it comes up regularly when discussing IPv6, which does not have NAT, a condition that that is seen as a huge negative of IPv6.

Of course, a properly configured stateful firewall will have exactly the same effect as NAT. I suppose the problem is the "properly configured" part. People expect things to just work without requiring any knowledge or skills.

No comments:

Post a Comment