[136498] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Thu Feb 3 11:27:38 2011
Date: Thu, 3 Feb 2011 11:27:06 -0500 (EST)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <9CF17C6A-4A8D-4687-A8A9-5474BD26DEDB@delong.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Owen DeLong" <owen@delong.com>
> The point I'm trying to get across to you is that your security does
> NOT come from NAT. It comes from the stateful inspection mechanism and
> the policies you set within that stateful inspection mechanism. The
> unfortunate problem is that an entire generation of engineers has
> grown up not knowing the difference between stateful inspection and
> NAT because hardly any products contained stateful inspection without
> NAT and stateful inspection with address translation is a mouthful
> and NAT is a syllable.
The point you *appear* to be trying to make is that *NO* security comes
from NAT, and that is not a defensible argument.
If that's not what you mean to say, you might want to reexamine your
phrasing. :-)
Cheers,
-- jra
