[e2e] Re: NAT usage at large companies

Valentin Ossman Valentin at TehutiNetworks.com
Sat Oct 19 02:07:39 PDT 2002

The only way to really secure the network is to establish IPSec tunnels
en-to-2nd between all the servers and workstations.

Best Regards,
Valentin Ossman

Tehuti Networks
Fax:   +1 (763) 201 3225
mailto:Valentin at TehutiNetworks.com

> -----Original Message-----
> From: end2end-interest-admin at postel.org 
> [mailto:end2end-interest-admin at postel.org] On Behalf Of David P. Reed
> Sent: Friday, October 18, 2002 10:20 PM
> To: RJ Atkinson; end2end-interest at postel.org
> Subject: Re: [e2e] Re: NAT usage at large companies
> At 02:27 AM 10/18/2002 -0400, RJ Atkinson wrote:
> NAT without some other kind of security (e.g. stateful packet
> >inspection firewall) does not provide meaningful security.
> I'll take that, and raise you 5 - stateful packet inspection doesn't 
> provide meaningful security either (if you can figure out how 
> to set it up 
> correctly in the first place, you gain no benefit unless you 
> carefully 
> control what is on the "inside" of the firewall.   A good 
> first step: no 
> Microsoft application software (such as Outlook or Word).  A 
> good second 
> step: no Microsoft networking code, such as NetBIOS over TCP. 
> A good third 
> step: no users.).

More information about the end2end-interest mailing list