NAT Firewall Security Debate
Comments debate the misconception that NAT provides security like a firewall, stressing that NAT is an IPv4 address workaround and firewalls are essential for protection in both IPv4 and IPv6 environments.
Activity Over Time
Top Contributors
Keywords
Sample Comments
That's what a firewall is for, NAT does nothing here.
NAT is not a firewall, it's a hack to keep ipv4 working today.
NAT doesn't protect anything, firewall does that
NAT is not a security measure. You want a firewall regardless of whether you’re running IPv4 or IPv6
You can no longer rely on NAT to provide a default firewall, can you?
Home routers are doing IPv6 firewalling by default, no need for NAT. NAT is strictly inferior to firewalling.(Of course you shouldn't put things on your internet-connected network that need the firewall, just look at it as a porous defense-in-depth element, just like with IPv4)
Your appliance 'router' can (and probably does) run a firewall to give you that kind of control. NAT never really gave you that.
NAT is not a security measure but a way to save on IP space or avoid remaking a topology on network addresses changes. For actual security you need a firewall
The lack of NAT has no bearing on security. Despite an old mistaken belief.
AFAIK NAT goes away but firewall don't (but then firewalls have a horrible fail-open problem since all IPs are routable).