Generally, people
use NAT or Proxy as firewalls. Would it be more secure to use a NAT Proxy
combination ?
Say, a NAT connected
to Proxy connected to NAT. Would this prevent external as well as internal
attacks.
Also, use static
routes between the NAT/proxy/NAT to prevent internal route
spoofing.
Most proxies I have
known are software based and NAT's are firmware based.
Assumption being all required
application level
gateways are available for NAT.
e.g. Use
hardware NAT's are from two different vendors (with different
packet
processing algorithm), and proxy is squid.
--
Atul
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf