In message <001501bfaf43$127e4d00$3490130a(_at_)cisco(_dot_)com>, "Eliot Lear"
writes:
It is a complete fallacy that NAT provides any sort of security. It does
no such thing. Security is provide by a firewall, and (more importantly)
by strong security policies that are policed and enforced.
Eliot is absolutely right. A NAT box *might* be part of a firewall, but by
itself it isn't one. It's no more secure, and often less so, than an
application-level firewall.
The myth that NATs per se provide strong security is one of the greatest
barriers to their elimination.
--Steve Bellovin