Sun Apr 17 13:10:11 EDT 2011
secure than not. That's such a silly question that I would be reluctant to
pay this consultant, if this is a major piece of his strategy. There are
reasons to use NAT, but security isn't really one of them. Some argue that
NAT obfuscates the structure of the network behind the NAT, but to me
"security through obscurity" is a pretty slim reason for using it.
If the address space isn't constrained, just use public addresses (still
behind the firewall) for your servers. At this point, if you have
public-facing servers, you should at least have a plan that includes IPv6 as
well, which will factor into the NAT/no NAT decision.
htroberts at gmail.com
More information about the TriLUG