Comment by skywhopper

Networking folks love to write this article. “NAT isn’t a security layer.” I’ve been hearing it for 20 years. But while that’s not its purpose and while there are other layers that can provide the same features, it’s still a very useful piece of a larger puzzle of defining borders in a network architecture. Sometimes it helps if those borders are obvious to the eye, via the use of a private address zone, or if opening a port on the server can never “just work”, regardless of your external firewall rules. All sorts of trivial mistakes can be avoided with This One Weird Trick. So sure, it’s not technically required, and doesn’t solve every problem. But the constant harping about “NAT isn’t security” is sorta pointless.