[c-nsp] Best Practices for Enterprise networks
Mohacsi Janos
mohacsi at niif.hu
Mon Aug 30 02:56:04 EDT 2004
On Sat, 28 Aug 2004, Tracy Smith wrote:
> Hello. I am tyring to gauge what the Best Practices are for Enterprise
> network connections to the Internet. Specifically, to NAT or not to
> NAT? At what point should NAT-ting be performed ... exclusively at the
> Egress point or at decentralized points? What about firewalling -
> centralized/decentralized?
I recommend you to not NAT. You can achieve the same result with proper
firewalling. Using NAT making your life harder: bottleneck, prevent you to
setup certain services. Firewalling of course is very important: depending
on your situation: what to protect? different protection shemes for
different departments etc.
Regards,
Janos Mohacsi
Network Engineer, Research Associate
NIIF/HUNGARNET, HUNGARY
Key 00F9AF98: 8645 1312 D249 471B DBAE 21A2 9F52 0D1F 00F9 AF98
More information about the cisco-nsp
mailing list