Why should the users be limited to what IT managers decide is good or bad?
Internet is build on dumb network, smart terminal. End-users are suppose
to be able to put up their own services, not just running some apps.
This has been the Internet principles and have serves us well so far.
(The telcos model, OTOH, is the inverse, assuming smart network and very
very dumb terminal.)
What applications that people want to run--and the IT managers would
want to enable--are actually inhibited by NAT? It seems to me that
most of the applications inconvenienced by NAT are ones that IT
managers would want to screen off anyway.