If you want to address denial of service issues you need protocol enforcement points.
NAT is a denial of service attack, not a means of policy enforcement.