What really breaks the "end-to-end nature of the Internet"
Published Jul 25, 2008
Version 1.0Was this article helpful?
NAT was not designed as a security measure, but it has morphed into one over the years.
NAT actually minimizes the number of IP addys that need to be managed at the edge on egress assuming that the administrator is properly managing NAT pools and keeping the pools to the minimum size necessary. A well architected network can make use of NAT functionality to further segregate traffic in order to apply appropriate security policies both on egress and ingress.
I don't know any of any reputable organization that does not employ a firewall. NAT isn't used in place of security, it by nature adds another layer of security on egress.