Enterprise Efficiency - Curtis Franklin Jr.

MOBILE HELP REGISTER LOGIN
HOME DELL INFORMATION RESOURCES BLOGGERS MESSAGES ABOUT US WEBINARS RSS
Cloud Mobile Virtualization Storage End-User Productivity Recovery Business Management IT Efficiency Security OEM E2 India
Visit Our E2 Forums \| Education \| Financial Services \| Government \| Healthcare \| Manufacturing \| Retail New! Focus on: End User Computing

	CURTIS FRANKLIN JR. IPv6: No NAT Is Good NAT Curtis Franklin Jr., Executive Editor \| 6/8/2011 \| 9 comments Tweet Comment \| Print \| RSS Login to Rate Welcome to World IPv6 Day. I hope yours is going better than mine -- I have a UTM from a vendor that's lagging woefully behind the IPv6 curve -- but I've yet to hear of any major problems due to the global testing taking place. That's a good thing, but I don't come here today to praise IPv6, but to worry about it. That's because the transition from IPv4 to IPv6 has some potentially serious security "gotchas," and they start with three little letters: NAT. Network Address Translation (NAT) is the crutch that has kept IPv4 hobbling along as well as it has for the last few years. With NAT, a single IP address on the outside interface of the router is matched to a whole network's worth of IP addresses on the inside interface. Translating requests and traffic between the one and the many is handled by the router itself. It's a decent way to magnify the address space of the Internet, but some folks have decided it's good for more than addressing -- it's also a security feature. That has led to the opening line of many a Router Guy's speech to the masses: NAT is NOT Security. There are a surprising number of folks who will tell you that a NAT network is inherently more secure because the address of each machine is not directly exposed on the Internet. That's true, if you assume that anyone attacking your network is lazy, stupid, and incompetent. Think of it as the electronic equivalent of hanging one of those fake "security system installed" decals in your car window, and you're on the right track. Reaching through the router to a machine on the inside is trivial once you've installed a piece of software delivered via email or web application, so you're really only stopping some fairly basic port scans. But that doesn't stop a lot of companies from including it as part of the "security program." The security aspect of NAT, such as it is, may disappear completely with IPv6. Why? Since IPv6 has a sufficiently large address space to give every user about as many addresses as exist on the Internet today, NAT just isn't necessary. That means network designers won't be able to include it as part of their security designs (that's a good thing) and will have to deal with each machine having an address that's exposed to the Internet as a whole. It would be easy, or at least easier, to be confident in the brave new world of NAT-less security if we could be confident in the IPv6 implementations themselves. Unfortunately, there are indications that many of the networking stacks (the software that binds the addressing to the physical interface) for IPv6 and IPv6 transition are not as robust as we might hope. The combination of new internal/external network dynamic and immature network stacks could lead to serious security issues for companies making the transition, if they don't pay special attention to the issues. The big news in this for IT shops is two-fold. First, if you're depending on NAT for any sort of security, stop it -- now. Next, when you're planning the transition to IPv6, be sure to prepare for vulnerabilities in networking components you've come to think of as stable -- components like the TCP/IP stack. Those two actions alone will go a long way toward keeping your network more security during the long transition to IPv6. Comment \| Print \| RSS Comments View Comments: Newest First \| Oldest First \| Threaded View [close this box] CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 3:39:03 PM Login to Rate Re: No NAT Is Good NAT @Sane, you're right: organizations large enough to employ a decent router jockey will be in good shape. I think that this is going to wreak havoc in the mid-market, the kind of shop that has an IT staff of four or five generalists to handle everything. They're either going to have to up their game on the routing and directory administration front, get a good contractor in to change their address-space architecture, or become roadkill. User Ranking: Reply \| Post Message \| Messages List \| Start a Board SaneIT IPv6: No NAT Is Good NAT 6/9/2011 3:00:21 PM Login to Rate Re: No NAT Is Good NAT @Curtis - Most companies big enough to worry about NAT are proxying traffic for things like web surfing from desktops so I'm not sure why they would think that IPv6 means that they have to make things like desktops accessable from outside their own network. Anyone working at a level that is comfortable talking about routing will instintively know just how easy it is to blackhole inbound traffic for an entire subnet and I don't suspect that outbound proxies will vanish either. Personally I'm looking forward to the day that I can assign 50 publically accessable addresses to a single web server instead of everything depending on host headers. User Ranking: Reply \| Post Message \| Messages List \| Start a Board CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 12:48:45 PM Login to Rate Re: No NAT Is Good NAT @SaneIT, one of the things that many people feel is that the only choices are NAT and every device open to the Internet. More discussion about the advantages (necessity?) of directory systems and intelligent gateways is necessary before we see wide-spread adoption of IPv6 at the medium-sized business level. There are a lot of reasons to like IPv6, but a lot of mis-information to cut through before it's embraced by everyone. User Ranking: Reply \| Post Message \| Messages List \| Start a Board CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 12:41:59 PM Login to Rate Re: NAT-less @Gigi, you're right: device traceability is one of the things that has privacy proponents very worried, indeed. There has been a great deal of discussion about how IPv6 will affect networks down around layers 2 and 3, but relatively little discussion about the impact the change will have farther up the ISO stack. As we get closer to large-scale implementation, those discussions must happen if we're to avoid some truly unfortunate consequences. User Ranking: Reply \| Post Message \| Messages List \| Start a Board SaneIT IPv6: No NAT Is Good NAT 6/9/2011 8:53:13 AM Login to Rate Re: No NAT Is Good NAT I have to agree, NAT is handy but it's rarely 100% necessary and IPv6 will put an end to those rare cases where it's the best option. One thing that I haven't heard much is how IPv6 will affect network security as a whole. I highly doubt that any company out there is going to open the flood gates and allow bi-directional traffic to every address on their network, but I do wonder if companies are going to start auditing route tables a little more closely now. In the long term I think it will make well managed networks more secure since it removes a layer of complexity on most networks. User Ranking: Reply \| Post Message \| Messages List \| Start a Board Gigi IPv6: No NAT Is Good NAT 6/9/2011 3:47:51 AM Login to Rate Re: NAT-less In IPv 6 we have to enable the Privacy extensions manually, other than Windows platform. Since it’s not happening as default, system administrators have to take acre about this; otherwise the unique MAC address will exposed to internet and makes devices traceable. From one of the analysis report it seems that because of this issue, migration from IPV4 to 6 caused criticism of data privacy in various countries. User Ranking: Reply \| Post Message \| Messages List \| Start a Board Gigi IPv6: No NAT Is Good NAT 6/9/2011 3:47:47 AM Login to Rate Re: NAT-less In IPv 6 we have to enable the Privacy extensions manually, other than Windows platform. Since it’s not happening as default, system administrators have to take acre about this; otherwise the unique MAC address will exposed to internet and makes devices traceable. From one of the analysis report it seems that because of this issue, migration from IPV4 to 6 caused criticism of data privacy in various countries. User Ranking: Reply \| Post Message \| Messages List \| Start a Board LadyIT IPv6: No NAT Is Good NAT 6/8/2011 8:07:08 PM Login to Rate Re: NAT-less @cvargas: but with the advent of Active Directory this should have been on the table for removal. Couldn't agree more. And even though I've been away from day to day network security for a bit, must admit I'm surprised that some admins would still be relying on NAT for security. This was a bit of an eye-opener, and makes me wonder how many orgs are still doing so... User Ranking: Blogger Reply \| Post Message \| Messages List \| Start a Board cvargas IPv6: No NAT Is Good NAT 6/8/2011 5:38:49 PM Login to Rate NAT-less Anyone who has been responsible for network security should have gotten rid of NAT years ago. This is especially true for Windows domain structures. In the days of peer to peer networking for small environments, NAT was a godsend because it allowed for easy connectivity between computers, but with the advent of Active Directory this should have been on the table for removal. By continuing to run NAT, admins basically were not thinking security and were thinking ease. There will always be a need for name to IP translation. DNS is not only quicker and has less security concerns but is far more easy to maintain. My vote is to say NAT should not be considered in any size network. User Ranking: Reply \| Post Message \| Messages List \| Start a Board The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.	More Blogs from Curtis Franklin Jr. Predict the Future Curtis Franklin Jr. 5/15/2013 13 comments Remember the old highway safety slogan, "Speed Kills"? In today's business environment, it's lack of speed that's fatal. The Interop Wrap-Up Curtis Franklin Jr. 5/14/2013 1 comment Between webcasts, con calls, and Internet chats, you need a pretty good reason to actually get on a plane and go to a meeting. Last week's Interop gave me a lot of great reasons to be in ... The Cost of Bad Security Curtis Franklin Jr. 5/10/2013 21 comments It's rare to hear that security breaches are too cheap to matter. That's exactly what I heard yesterday in Las Vegas. The Innovation Culture Curtis Franklin Jr. 5/8/2013 8 comments Innovation is a matter of discipline and culture in the enterprise. CIOs can help build that culture of innovation -- but only if they understand what's involved and what's at stake. E2 Radio: Executive Interview -- Brian Lillie of Equinix Curtis Franklin Jr. 5/3/2013 9 comments Big computers and big datacenters equal big problems -- unless you're an innovative CIO. Then it's the opportunities that are large. More from Curtis Franklin Jr. SUSAN NUNZIATA: Putting M2M to Work LEARN MORE ANDRE YEE: What You Need to Succeed With Big-Data LEARN MORE GEORGE COLOMBO: Your Brain on DDoS LEARN MORE DAVID WAGNER: Lessons in Turnaround Leadership LEARN MORE CURTIS FRANKLIN JR.: Predict the Future LEARN MORE For All CIO Content, Click Here Poll See the full archive of polls E2 Radio Latest Archived Broadcast Big Picture CIOs Data visualization can make complex data easier to grasp. Our expert guest will talk about the hows, whys, and whats of bringing the big picture to your enterprise. Listen May 28th 2pm EDT Tuesday CIO Coaching Session: Gerber & Hugos Remind Me May 30th 2pm EDT Thursday Executive Interview: Glenn Evans of Acrux Remind Me Full schedule Archived shows Download to calendar Video Symposium On-demand Video with Chat NBA's Big-Data Slam Dunk: The CIO's Story NBA CIO Michael Gliedman will tell us why the NBA decided to create NBA.com/stats Watch Full schedule Archived shows Download to calendar Webinars IT Convergence Strategies: Why, When and How 6/18/2013 - Please join us for the "IT Convergence Strategies: Why, When and How " to learn more about: • 5 truths about infrastructure convergence today that go beyond the hype • How to exploit the 4 phases of convergence maximum efficiency and agility • Key milestones to plan for on the convergence journey • Why integrated management is a critical component of convergence plans • The importance of an open, modular approach, such as Dell’s active infrastructure, to building a converged data center More information and registration All Upcoming Webinars Archive of Past Webinars E2 IT Migration Zones Office 365 Finds Fans Cutting Through the Modern App Confusion Microsoft Hints at Changes to Windows 8 S’équiper ou non d’un logiciel anti-virus ? Microsoft passe au facteur deux Windows Azure Infrastructure Services est disponible ! Microsofts Surface Pro kommt nach Deutschland Zum Schmunzeln: drei neue Werbeclips für Windows 8 Internet Explorer 10 auf dem Vormarsch Like Us on Facebook Twitter Feed follow us Dell IT Insights Site Moderators Wanted Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail: moderators@enterpriseefficiency.com Whitepapers and Analytics Reports Dell's Efficiency Modeling Tool The major problem facing the CIO is how to measure the effectiveness of the IT department. Learn how Dell’s Efficiency Modeling Tool gives the CIO two clear, powerful numbers: Efficiency Quotient and Impact Quotient. These numbers can be transforma¬tive not only to the department, but to the entire enterprise. Read the full report The State of Enterprise Efficiency in the Virtual Era: Virtualization – Smart Approaches to Maximize Gains Virtualization is a presence in nearly all enterprise data centers. But not all companies are using it to its best effect. Learn the common characteristics of success, what barriers companies face, and how to get the most from your efforts. Read the full report Informed CIO: Dollars & Sense: Virtual Desktop Infrastructure Cut through the VDI hype and get the full picture -- including ROI and the impact on your Data Center -- to make an informed decision about your virtual desktop infrastructure deployments. Read the full report See the full archive of reports here. Dell Information Resources SPONSORED BY DELL BRIEFINGS Gartner: Virtualization Consulting Service Provider Profiles Executive Q&A: Dell CIO Robin Johnson Discusses Becoming An Efficient Enterprise CASE STUDIES Salesforce.com: Building a Scalable Cloud EBOOKS Bringing the Cloud Down to Earth PUBLIC SECTOR RESOURCES Virtualizing Mission-Critical Applications: 5 Storage Imperatives VIDEOS Dell and Trend Micro Desktop Virtualization DDVS Overview Video DDVS Process Methodology Video DDVS Deliver Models Video WHITE PAPERS Don't Let Security Slow Down Your VDI Deployment The State of IT Consumerization: Mobility Trends in SMBs Mobile Refresh: 3 Business Reasons to Leave Desktops Behind How to Manage Mobile Devices Is Your Infrastructure Mobile Ready? SMBs and Consumerization of IT Cloud Computing: Five Trends that will Impact Your IT Planning in 2012 Crossroads in the Cloud: How IT Leaders and Business Stakeholders Make Smarter Decisions on Cloud Computing How to Manage Mobile Devices Is Your Infrastructure Mobile Ready? SMBs and Consumerization of IT eBay Drives Data Center Efficiencies to a Higher Level while Lowering Costs Seeing Green in the Benefits of Cloud: Copenhagen Airports Maximizes Green Efficiency Journey to the Cloud: What IT Enterprises Should Expect Balancing Cost-Cutting Measures with the Need to Grow Fixing the Relationship Between the CIO and the Rest of the C-Suite Backup and Recovery: How to Avoid the Coming Crunch Business Continuity with Cloud Based Data Protection Data Protection Modernization: Technology and Strategy Revealed Easily Manage, Scale and Protect Storage Data While Delivering Optimal Performance Data Protection and Recovery: When And Where You Need It Driving innovation in your IT organization Better Healthcare Starts With Better Information Keeping It Lean and Competitive: Server Virtualization with Hyper-V(TM) R2 The AMD Opteron(TM) 6000 Series Platform: Revolutionizing Server Price/Performance How the Right Infrastructure Delivers Real SQL Database Virtualization Benefits AMD processors put Union Pacific on the fast track Forrester: Market Overview Of Cloud Service Offerings From Global IT Providers Gartner: Planning For The Security Features Of Windows 7 All Resources Cloud Computing: Rip & Replace or System Upgrade? Upcoming Debates \| Debate archive \| Register Final Results 60% Yes 40% No Debate details Listen to the archive Debate wrap-up Continue the discussion On the Case ALL ON THE CASE A Video Case Study – Translational Genomics Research Institute 10 08:12 On the Case TGen IT: Where We're Going Next 12 02:24 On the Case Better Care Through Better Communications... 5 06:58 On the Case TGen IT: Where We Are Now 10 06:45 On the Case TGen IT: Where We Were 12 02:27 On the Case 1,200% Faster 8 02:12 On the Case IT May Improve Children's Chances... 5 1:25 On the Case Medical Advances in the Cloud 3 2:25 On the Case TGen: Living the Mission 8 1:59 On the Case TGen Speeding Up Biomedical Research... 3 2:13 On the Case Computing Power Helping to Save Children's... e2 Video ALL VIDEOS 0 2:42 Ivan Schneider Clash of the Tableau 8: Release the... 0 2:10 Tom Nolle Using Virtualization - for Real! 0 2:12 Tom Nolle Is UC Becoming Oxymoronic or Just... 5 4:45 E2 Editors Windows vs. Integrated Circuit CPU... 14 4:34 E2 Editors Radio vs. Public Internet Access 16 4:34 E2 Editors Mainframes vs. Servers 5 3:07 E2 Editors TCP/IP vs. Printing Press 11 3:12 E2 Editors BYOD vs. E-Commerce 7 4:19 E2 Editors Telecommuting vs. Outsourcing 20 4:28 E2 Editors Personal Computer vs. Mobile Devic... 13 3:09 E2 Editors Smartphones vs. Productivity Softw... 5 2:03 Tom Nolle There's More to Mobility Than the... 9 3:21 Ivan Schneider From Kim Jong-Un's Trackball to Nuance... 1 2:19 Tom Nolle Data/Storage Wish List for Enterpr... 12 3:22 E2 Editors E2 Editors Go Mad! Episode 3



UBM TECH OUR MARKETS: Business Technology \| Channel \| Electronics \| Game & App Development Working With Us: Advertising Contacts \| Event Calendar \| Tech Marketing Solutions \| Corporate Site \| Contact Us / Feedback Terms of Service \| Privacy Statement \| Copyright © 2013 UBM Tech, All rights reserved

MOBILE HELP REGISTER LOGIN
HOME DELL INFORMATION RESOURCES BLOGGERS MESSAGES ABOUT US WEBINARS RSS
Cloud Mobile Virtualization Storage End-User Productivity Recovery Business Management IT Efficiency Security OEM E2 India
Visit Our E2 Forums \| Education \| Financial Services \| Government \| Healthcare \| Manufacturing \| Retail New! Focus on: End User Computing

	CURTIS FRANKLIN JR. IPv6: No NAT Is Good NAT Curtis Franklin Jr., Executive Editor \| 6/8/2011 \| 9 comments Tweet Comment \| Print \| RSS Login to Rate Welcome to World IPv6 Day. I hope yours is going better than mine -- I have a UTM from a vendor that's lagging woefully behind the IPv6 curve -- but I've yet to hear of any major problems due to the global testing taking place. That's a good thing, but I don't come here today to praise IPv6, but to worry about it. That's because the transition from IPv4 to IPv6 has some potentially serious security "gotchas," and they start with three little letters: NAT. Network Address Translation (NAT) is the crutch that has kept IPv4 hobbling along as well as it has for the last few years. With NAT, a single IP address on the outside interface of the router is matched to a whole network's worth of IP addresses on the inside interface. Translating requests and traffic between the one and the many is handled by the router itself. It's a decent way to magnify the address space of the Internet, but some folks have decided it's good for more than addressing -- it's also a security feature. That has led to the opening line of many a Router Guy's speech to the masses: NAT is NOT Security. There are a surprising number of folks who will tell you that a NAT network is inherently more secure because the address of each machine is not directly exposed on the Internet. That's true, if you assume that anyone attacking your network is lazy, stupid, and incompetent. Think of it as the electronic equivalent of hanging one of those fake "security system installed" decals in your car window, and you're on the right track. Reaching through the router to a machine on the inside is trivial once you've installed a piece of software delivered via email or web application, so you're really only stopping some fairly basic port scans. But that doesn't stop a lot of companies from including it as part of the "security program." The security aspect of NAT, such as it is, may disappear completely with IPv6. Why? Since IPv6 has a sufficiently large address space to give every user about as many addresses as exist on the Internet today, NAT just isn't necessary. That means network designers won't be able to include it as part of their security designs (that's a good thing) and will have to deal with each machine having an address that's exposed to the Internet as a whole. It would be easy, or at least easier, to be confident in the brave new world of NAT-less security if we could be confident in the IPv6 implementations themselves. Unfortunately, there are indications that many of the networking stacks (the software that binds the addressing to the physical interface) for IPv6 and IPv6 transition are not as robust as we might hope. The combination of new internal/external network dynamic and immature network stacks could lead to serious security issues for companies making the transition, if they don't pay special attention to the issues. The big news in this for IT shops is two-fold. First, if you're depending on NAT for any sort of security, stop it -- now. Next, when you're planning the transition to IPv6, be sure to prepare for vulnerabilities in networking components you've come to think of as stable -- components like the TCP/IP stack. Those two actions alone will go a long way toward keeping your network more security during the long transition to IPv6. Comment \| Print \| RSS Comments View Comments: Newest First \| Oldest First \| Threaded View [close this box] CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 3:39:03 PM Login to Rate Re: No NAT Is Good NAT @Sane, you're right: organizations large enough to employ a decent router jockey will be in good shape. I think that this is going to wreak havoc in the mid-market, the kind of shop that has an IT staff of four or five generalists to handle everything. They're either going to have to up their game on the routing and directory administration front, get a good contractor in to change their address-space architecture, or become roadkill. User Ranking: Reply \| Post Message \| Messages List \| Start a Board SaneIT IPv6: No NAT Is Good NAT 6/9/2011 3:00:21 PM Login to Rate Re: No NAT Is Good NAT @Curtis - Most companies big enough to worry about NAT are proxying traffic for things like web surfing from desktops so I'm not sure why they would think that IPv6 means that they have to make things like desktops accessable from outside their own network. Anyone working at a level that is comfortable talking about routing will instintively know just how easy it is to blackhole inbound traffic for an entire subnet and I don't suspect that outbound proxies will vanish either. Personally I'm looking forward to the day that I can assign 50 publically accessable addresses to a single web server instead of everything depending on host headers. User Ranking: Reply \| Post Message \| Messages List \| Start a Board CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 12:48:45 PM Login to Rate Re: No NAT Is Good NAT @SaneIT, one of the things that many people feel is that the only choices are NAT and every device open to the Internet. More discussion about the advantages (necessity?) of directory systems and intelligent gateways is necessary before we see wide-spread adoption of IPv6 at the medium-sized business level. There are a lot of reasons to like IPv6, but a lot of mis-information to cut through before it's embraced by everyone. User Ranking: Reply \| Post Message \| Messages List \| Start a Board CurtisFranklin IPv6: No NAT Is Good NAT 6/9/2011 12:41:59 PM Login to Rate Re: NAT-less @Gigi, you're right: device traceability is one of the things that has privacy proponents very worried, indeed. There has been a great deal of discussion about how IPv6 will affect networks down around layers 2 and 3, but relatively little discussion about the impact the change will have farther up the ISO stack. As we get closer to large-scale implementation, those discussions must happen if we're to avoid some truly unfortunate consequences. User Ranking: Reply \| Post Message \| Messages List \| Start a Board SaneIT IPv6: No NAT Is Good NAT 6/9/2011 8:53:13 AM Login to Rate Re: No NAT Is Good NAT I have to agree, NAT is handy but it's rarely 100% necessary and IPv6 will put an end to those rare cases where it's the best option. One thing that I haven't heard much is how IPv6 will affect network security as a whole. I highly doubt that any company out there is going to open the flood gates and allow bi-directional traffic to every address on their network, but I do wonder if companies are going to start auditing route tables a little more closely now. In the long term I think it will make well managed networks more secure since it removes a layer of complexity on most networks. User Ranking: Reply \| Post Message \| Messages List \| Start a Board Gigi IPv6: No NAT Is Good NAT 6/9/2011 3:47:51 AM Login to Rate Re: NAT-less In IPv 6 we have to enable the Privacy extensions manually, other than Windows platform. Since it’s not happening as default, system administrators have to take acre about this; otherwise the unique MAC address will exposed to internet and makes devices traceable. From one of the analysis report it seems that because of this issue, migration from IPV4 to 6 caused criticism of data privacy in various countries. User Ranking: Reply \| Post Message \| Messages List \| Start a Board Gigi IPv6: No NAT Is Good NAT 6/9/2011 3:47:47 AM Login to Rate Re: NAT-less In IPv 6 we have to enable the Privacy extensions manually, other than Windows platform. Since it’s not happening as default, system administrators have to take acre about this; otherwise the unique MAC address will exposed to internet and makes devices traceable. From one of the analysis report it seems that because of this issue, migration from IPV4 to 6 caused criticism of data privacy in various countries. User Ranking: Reply \| Post Message \| Messages List \| Start a Board LadyIT IPv6: No NAT Is Good NAT 6/8/2011 8:07:08 PM Login to Rate Re: NAT-less @cvargas: but with the advent of Active Directory this should have been on the table for removal. Couldn't agree more. And even though I've been away from day to day network security for a bit, must admit I'm surprised that some admins would still be relying on NAT for security. This was a bit of an eye-opener, and makes me wonder how many orgs are still doing so... User Ranking: Blogger Reply \| Post Message \| Messages List \| Start a Board cvargas IPv6: No NAT Is Good NAT 6/8/2011 5:38:49 PM Login to Rate NAT-less Anyone who has been responsible for network security should have gotten rid of NAT years ago. This is especially true for Windows domain structures. In the days of peer to peer networking for small environments, NAT was a godsend because it allowed for easy connectivity between computers, but with the advent of Active Directory this should have been on the table for removal. By continuing to run NAT, admins basically were not thinking security and were thinking ease. There will always be a need for name to IP translation. DNS is not only quicker and has less security concerns but is far more easy to maintain. My vote is to say NAT should not be considered in any size network. User Ranking: Reply \| Post Message \| Messages List \| Start a Board The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.	More Blogs from Curtis Franklin Jr. Predict the Future Curtis Franklin Jr. 5/15/2013 13 comments Remember the old highway safety slogan, "Speed Kills"? In today's business environment, it's lack of speed that's fatal. The Interop Wrap-Up Curtis Franklin Jr. 5/14/2013 1 comment Between webcasts, con calls, and Internet chats, you need a pretty good reason to actually get on a plane and go to a meeting. Last week's Interop gave me a lot of great reasons to be in ... The Cost of Bad Security Curtis Franklin Jr. 5/10/2013 21 comments It's rare to hear that security breaches are too cheap to matter. That's exactly what I heard yesterday in Las Vegas. The Innovation Culture Curtis Franklin Jr. 5/8/2013 8 comments Innovation is a matter of discipline and culture in the enterprise. CIOs can help build that culture of innovation -- but only if they understand what's involved and what's at stake. E2 Radio: Executive Interview -- Brian Lillie of Equinix Curtis Franklin Jr. 5/3/2013 9 comments Big computers and big datacenters equal big problems -- unless you're an innovative CIO. Then it's the opportunities that are large. More from Curtis Franklin Jr. SUSAN NUNZIATA: Putting M2M to Work LEARN MORE ANDRE YEE: What You Need to Succeed With Big-Data LEARN MORE GEORGE COLOMBO: Your Brain on DDoS LEARN MORE DAVID WAGNER: Lessons in Turnaround Leadership LEARN MORE CURTIS FRANKLIN JR.: Predict the Future LEARN MORE For All CIO Content, Click Here Poll See the full archive of polls E2 Radio Latest Archived Broadcast Big Picture CIOs Data visualization can make complex data easier to grasp. Our expert guest will talk about the hows, whys, and whats of bringing the big picture to your enterprise. Listen May 28th 2pm EDT Tuesday CIO Coaching Session: Gerber & Hugos Remind Me May 30th 2pm EDT Thursday Executive Interview: Glenn Evans of Acrux Remind Me Full schedule Archived shows Download to calendar Video Symposium On-demand Video with Chat NBA's Big-Data Slam Dunk: The CIO's Story NBA CIO Michael Gliedman will tell us why the NBA decided to create NBA.com/stats Watch Full schedule Archived shows Download to calendar Webinars IT Convergence Strategies: Why, When and How 6/18/2013 - Please join us for the "IT Convergence Strategies: Why, When and How " to learn more about: • 5 truths about infrastructure convergence today that go beyond the hype • How to exploit the 4 phases of convergence maximum efficiency and agility • Key milestones to plan for on the convergence journey • Why integrated management is a critical component of convergence plans • The importance of an open, modular approach, such as Dell’s active infrastructure, to building a converged data center More information and registration All Upcoming Webinars Archive of Past Webinars E2 IT Migration Zones Office 365 Finds Fans Cutting Through the Modern App Confusion Microsoft Hints at Changes to Windows 8 S’équiper ou non d’un logiciel anti-virus ? Microsoft passe au facteur deux Windows Azure Infrastructure Services est disponible ! Microsofts Surface Pro kommt nach Deutschland Zum Schmunzeln: drei neue Werbeclips für Windows 8 Internet Explorer 10 auf dem Vormarsch Like Us on Facebook Twitter Feed follow us Dell IT Insights Site Moderators Wanted Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail: moderators@enterpriseefficiency.com Whitepapers and Analytics Reports Dell's Efficiency Modeling Tool The major problem facing the CIO is how to measure the effectiveness of the IT department. Learn how Dell’s Efficiency Modeling Tool gives the CIO two clear, powerful numbers: Efficiency Quotient and Impact Quotient. These numbers can be transforma¬tive not only to the department, but to the entire enterprise. Read the full report The State of Enterprise Efficiency in the Virtual Era: Virtualization – Smart Approaches to Maximize Gains Virtualization is a presence in nearly all enterprise data centers. But not all companies are using it to its best effect. Learn the common characteristics of success, what barriers companies face, and how to get the most from your efforts. Read the full report Informed CIO: Dollars & Sense: Virtual Desktop Infrastructure Cut through the VDI hype and get the full picture -- including ROI and the impact on your Data Center -- to make an informed decision about your virtual desktop infrastructure deployments. Read the full report See the full archive of reports here. Dell Information Resources SPONSORED BY DELL BRIEFINGS Gartner: Virtualization Consulting Service Provider Profiles Executive Q&A: Dell CIO Robin Johnson Discusses Becoming An Efficient Enterprise CASE STUDIES Salesforce.com: Building a Scalable Cloud EBOOKS Bringing the Cloud Down to Earth PUBLIC SECTOR RESOURCES Virtualizing Mission-Critical Applications: 5 Storage Imperatives VIDEOS Dell and Trend Micro Desktop Virtualization DDVS Overview Video DDVS Process Methodology Video DDVS Deliver Models Video WHITE PAPERS Don't Let Security Slow Down Your VDI Deployment The State of IT Consumerization: Mobility Trends in SMBs Mobile Refresh: 3 Business Reasons to Leave Desktops Behind How to Manage Mobile Devices Is Your Infrastructure Mobile Ready? SMBs and Consumerization of IT Cloud Computing: Five Trends that will Impact Your IT Planning in 2012 Crossroads in the Cloud: How IT Leaders and Business Stakeholders Make Smarter Decisions on Cloud Computing How to Manage Mobile Devices Is Your Infrastructure Mobile Ready? SMBs and Consumerization of IT eBay Drives Data Center Efficiencies to a Higher Level while Lowering Costs Seeing Green in the Benefits of Cloud: Copenhagen Airports Maximizes Green Efficiency Journey to the Cloud: What IT Enterprises Should Expect Balancing Cost-Cutting Measures with the Need to Grow Fixing the Relationship Between the CIO and the Rest of the C-Suite Backup and Recovery: How to Avoid the Coming Crunch Business Continuity with Cloud Based Data Protection Data Protection Modernization: Technology and Strategy Revealed Easily Manage, Scale and Protect Storage Data While Delivering Optimal Performance Data Protection and Recovery: When And Where You Need It Driving innovation in your IT organization Better Healthcare Starts With Better Information Keeping It Lean and Competitive: Server Virtualization with Hyper-V(TM) R2 The AMD Opteron(TM) 6000 Series Platform: Revolutionizing Server Price/Performance How the Right Infrastructure Delivers Real SQL Database Virtualization Benefits AMD processors put Union Pacific on the fast track Forrester: Market Overview Of Cloud Service Offerings From Global IT Providers Gartner: Planning For The Security Features Of Windows 7 All Resources Cloud Computing: Rip & Replace or System Upgrade? Upcoming Debates \| Debate archive \| Register Final Results 60% Yes 40% No Debate details Listen to the archive Debate wrap-up Continue the discussion On the Case ALL ON THE CASE A Video Case Study – Translational Genomics Research Institute 10 08:12 On the Case TGen IT: Where We're Going Next 12 02:24 On the Case Better Care Through Better Communications... 5 06:58 On the Case TGen IT: Where We Are Now 10 06:45 On the Case TGen IT: Where We Were 12 02:27 On the Case 1,200% Faster 8 02:12 On the Case IT May Improve Children's Chances... 5 1:25 On the Case Medical Advances in the Cloud 3 2:25 On the Case TGen: Living the Mission 8 1:59 On the Case TGen Speeding Up Biomedical Research... 3 2:13 On the Case Computing Power Helping to Save Children's... e2 Video ALL VIDEOS 0 2:42 Ivan Schneider Clash of the Tableau 8: Release the... 0 2:10 Tom Nolle Using Virtualization - for Real! 0 2:12 Tom Nolle Is UC Becoming Oxymoronic or Just... 5 4:45 E2 Editors Windows vs. Integrated Circuit CPU... 14 4:34 E2 Editors Radio vs. Public Internet Access 16 4:34 E2 Editors Mainframes vs. Servers 5 3:07 E2 Editors TCP/IP vs. Printing Press 11 3:12 E2 Editors BYOD vs. E-Commerce 7 4:19 E2 Editors Telecommuting vs. Outsourcing 20 4:28 E2 Editors Personal Computer vs. Mobile Devic... 13 3:09 E2 Editors Smartphones vs. Productivity Softw... 5 2:03 Tom Nolle There's More to Mobility Than the... 9 3:21 Ivan Schneider From Kim Jong-Un's Trackball to Nuance... 1 2:19 Tom Nolle Data/Storage Wish List for Enterpr... 12 3:22 E2 Editors E2 Editors Go Mad! Episode 3



UBM TECH OUR MARKETS: Business Technology \| Channel \| Electronics \| Game & App Development Working With Us: Advertising Contacts \| Event Calendar \| Tech Marketing Solutions \| Corporate Site \| Contact Us / Feedback Terms of Service \| Privacy Statement \| Copyright © 2013 UBM Tech, All rights reserved

IPv6: No NAT Is Good NAT