We use Juniper SRX5800 firewalls at the border, and NAT turnover is extremely
quick. The STRM software makes identifying private IPs for a specific day/time
very easy (query public IP at X time, and it IDs the private for you). Then,
we use ISC for DHCP, so just query the logs for that private
Our NAT is performed by our firewalls (Cisco ASAs) at the last hop
before the border router. Everything "inside" (packet shaping, IPS/IDS,
etc) is dealing with the internal addresses, the only use of the
external IPs is when we receive "external" reports.
We have adequate NAT pools to do 1-to-1 d
I will be out of the office until Thursday June 27th. Please direct all
tech needs to the Tech Helpdesk. Thank you!
GO BEYOND!
Founded in 1821, New Hampton School is a coeducational, independent,
college preparatory boarding and day school for students in grades 9-12
and postgraduate.
www.newhamp
We are currently investigating different NAT solutions and deployments, and I
would be curious how other schools handle the legal aspects of connection
tracking, and keeping users accountable for their actions.
We are starting from scratch, and open to trying and investigating different
soluti