Title :
Network security using NAT and NAPT
Author :
Smith, Matt ; Hunt, Ray
Author_Institution :
Hindin Commun., Canterbury Univ., Christchurch, New Zealand
Abstract :
This paper examines the use of NAT and NAPT as a transparent security mechanism. It discusses the addressing, security and administrative needs in modern secure network design. By way of examples it demonstrates the use of basic static and dynamic NAT, extending these ideas to include NAPT. More recent developments in the use of NAT are discussed which includes Bidirectional NAT, Twice NAT and Multihomed NAT. Although this technology is starting to provide many security benefits there are also a number of problems that remain to be solved. These include packet translation checksum and fragmentation issues, address and port embedding, and complications with using IPSec tunnels with NAT. Finally a variety of recent extensions and developments are discussed which include load-sharing, interworking between NAT IPv4 and IPv6 as well as discussion on recent work aimed at solving the IPSec tunneling issue.
Keywords :
Internet; routing protocols; telecommunication security; transport protocols; Bidirectional NAT; IPSec tunneling; IPv4; IPv6; Multihomed NAT; NAPT; Twice NAT; dynamic NAT; interworking; load sharing; network security; secure network design; static NAT; transparent security mechanism; Computer science; Computer security; Internet; Local area networks; Network address translation; Privacy; Routing; Scalability; TCPIP; Tunneling;
Conference_Titel :
Networks, 2002. ICON 2002. 10th IEEE International Conference on
Print_ISBN :
0-7803-7533-5
DOI :
10.1109/ICON.2002.1033337
