Comment by kortilla
25 days ago
I don’t know what to tell you dude. Back in 06 as an admin for campuses where more than half of the machines were XP pre service-pack 2, NAT was 100% used as a security feature.
For public WiFi networks and labs where we couldn’t control software on end devices, we put them behind NAT pools purely for security (we still had enough public v4 IPs to give them to printers).
You can hand wave however you want, but back then NAT was used for an easy first level of security.
“There existed a better thing in a pure stateful firewall” is not an argument against people using NAT instead.
"I have personal experience using it that way" is a much better argument than anything you said in previous posts. Thank you for saying that, no sarcasm.
Was there a reason you didn't firewall those devices? I mean, a basic firewall has to do less work to attain the same security, and needs less configuration.