nanog mailing list archives

Re: quietly....

From: Jay Ashworth <jra () baylink com>
Date: Thu, 3 Feb 2011 11:27:06 -0500 (EST)

----- Original Message -----

From: "Owen DeLong" <owen () delong com>
The point I'm trying to get across to you is that your security does
NOT come from NAT. It comes from the stateful inspection mechanism and
the policies you set within that stateful inspection mechanism. The
unfortunate problem is that an entire generation of engineers has
grown up not knowing the difference between stateful inspection and
NAT because hardly any products contained stateful inspection without
NAT and stateful inspection with address translation is a mouthful
and NAT is a syllable.


The point you *appear* to be trying to make is that *NO* security comes
from NAT, and that is not a defensible argument.

If that's not what you mean to say, you might want to reexamine your
phrasing.  :-)

Cheers,
-- jra

Current thread:

Re: quietly...., (continued)
- Re: quietly.... Brandon Butterworth (Feb 02)
- Re: quietly.... Tim Franklin (Feb 02)
  - Re: quietly.... Tony Finch (Feb 02)
- Re: quietly.... Brandon Butterworth (Feb 02)
  - Re: quietly.... Jimmy Hess (Feb 02)
    - Re: quietly.... Derek J. Balling (Feb 03)
    - RE: quietly.... Jamie Bowden (Feb 03)
- Re: quietly.... Brandon Butterworth (Feb 03)
- Re: quietly.... Brandon Butterworth (Feb 03)
- Re: quietly.... Jay Ashworth (Feb 03)
- Re: quietly.... Jay Ashworth (Feb 03)
- Re: quietly.... Pekka Savola (Feb 04)
- Re: quietly.... Jay Ashworth (Feb 13)