It is a complete fallacy that NAT provides any sort of security. It does
no such thing. Security is provide by a firewall, and (more importantly)
by strong security policies that are policed and enforced.
----- Original Message -----
From: Leonid Yegoshin <[EMAIL PROTECTED]>
Newsgroups: cisco.external.ietf
Sent: Tuesday, April 25, 2000 10:11 PM
Subject: Re: NAT->IPv6
> >From: John Stracke <[EMAIL PROTECTED]>
> >
> >"J. Noel Chiappa" wrote:
> >
> >> So, you're the CIO for Foondoggle Corp, and you're trying to figure
out
> >> whether to spend any of your Q3 funds on IPv6 conversion. Let's see,
benefits
> >> are not very many (autoconfig may be the best one), and the cost is
> >> substantial.
> >
> >Sure. Then you buy out Moondoggle Corp, which used some of the same
private IP
> >numbers you did, and you're faced with having to renumber everything.
While
> >you're at it, you decide to convert both networks to v6 so it'll be
easier next
> >time.
> >
> >(Yes, I know you could put a NAT between the two former companies; but
it'll
> >*hurt*.)
>
> Once in company where I worked somebody brought a virus and it crashed
> a lot of Windows host. I don't remember details about it's fast
propogation
> but I remember how terrific IS staff wanted to put firewalls/NATs between
> each floor ! They considered it as the only warranty and _asked_ money
> for that.
>
> - Leonid Yegoshin, LY22
>
