renzev@lemmy.world to Programmer Humor@lemmy.mlEnglish · 5 months agoBasically the extent of my IPv6 knowledgelemmy.worldimagemessage-square85fedilinkarrow-up11arrow-down10file-text
arrow-up11arrow-down1imageBasically the extent of my IPv6 knowledgelemmy.worldrenzev@lemmy.world to Programmer Humor@lemmy.mlEnglish · 5 months agomessage-square85fedilinkfile-text
Template source: https://web.archive.org/web/20210304000634/https://www.government.nl/topics/coronavirus-covid-19/visiting-the-netherlands-from-abroad/checklist
minus-squareeclipse@lemmy.worldlinkfedilinkarrow-up0·5 months agoThis article is biased to selling you more F5 equipment but is a reasonable summary: https://www.f5.com/resources/white-papers/the-myth-of-network-address-translation-as-security Long story short is that NAT is eggshell security and you should be relying on actual firewall rules (I wouldn’t recommend F5) instead of the implicit but not very good protections of NAT.
minus-squaremaccentric@sh.itjust.workslinkfedilinkEnglisharrow-up0·5 months agoWhat would you recommend? I have a client with some pretty old hardware (FVS 318) installed that I suspect is causing some issues on their network.
This article is biased to selling you more F5 equipment but is a reasonable summary:
https://www.f5.com/resources/white-papers/the-myth-of-network-address-translation-as-security
Long story short is that NAT is eggshell security and you should be relying on actual firewall rules (I wouldn’t recommend F5) instead of the implicit but not very good protections of NAT.
What would you recommend? I have a client with some pretty old hardware (FVS 318) installed that I suspect is causing some issues on their network.