General discussion


Strengthen security by implementing NAT

By MaryWeilage Editor ·
Does your organization use Network Address Translation on its network? If so, what type of NAT have you implemented? What problems did you encounter with your deployment? Share your comments about implementing NAT to help bolster security, as discussed in the Oct. 15 Security Solutions newsletter.

If you haven't subscribed to our free Security Solutions newsletter, sign up today! Click this link to subscribe automatically:

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Home and business uses

by Roger In reply to Strengthen security by im ...

I use NAT on home computers and business computers. I have found that the frequency of virus attacks on my computers has dropped significantly since installing a router between the internet and my computers (even if using only 1 computer) since the router does not allow access to the computer(s) unless the internal PC initiates the connection. Even with a good, up to date virus scanner, there are virus programs that can sneak into a computer, but those programs don't seem to be able to go through a router that is also doing NAT. If a router can not do secure communications then don't allow computers outside your network to manage your router. The router password would be passed as plain text across the internet, and your security would be gone. Also, I would suggest that you use a secure password for router access that includes at least 8 characters and includes random letters and numbers. I sometimes use part of the serial number of the router if it fits in. For example a company named ABC computing with a router SN of 123456 might become a123b456c. Using this technique but not using sequential numbers or letters might be better for example: a123c654b if the serial number is sequential. I have a real device (not visible on my network) with the serial number tw23721860. If I merge this with my name my password would become rtowg2e3r721860. This would be harder to guess.

Collapse -

Of Course

by dallas_dc In reply to Strengthen security by im ...

We have had NAT enabled for years. I haven't really thought about it in a while. We use Novell's Border Mgr firewall with both static (for things like ftp servers, and smtp gateways) and dynamic (users and server which do not need to be accessible from the outside). Works great.

Collapse -

YaBut Costello

by megatech In reply to Strengthen security by im ...

Use Nat for all connections to internet. Saves many Headaches. However just recently ISP won't allow trace route with NAT. Really sucks when routing gets fubar...megatech

Related Discussions

Related Forums