Because an internal network behind a NAT server uses private IP addresses, it is secure from Internet intruders by design.
However, you can host resources on the internal network and make those resources available to Internet users. NAT allows you to control which
resources on the internal network will be available to Internet users without exposing your entire internal network's resources; you limit
access to particular machines, and to particular services on those machines.
By the end of this module, you will know how to do the following things to enhance the security of a NAT solution:
- Describe how IP filters enhance NAT security
- Allow access using address pools and special ports
- Enhance NAT security with VPN connections
- List the strategies used to enhance the availability and performance of NAT
In the next lesson, you will become familiar with the strategies available in Windows® 2000 to secure a NAT solution and to restrict Internet traffic using IP filters.