TZ400/Comcast Router - effect on Anti-Virus, Anti-Spyware and intrusion prevention
DaveInPA
Newbie ✭
I have a TZ400 on a LAN port of a Comcast modem/router.
WAN IP on the firewall is set to DHCP to get IP from router (10.1.10.x).
LAN on the firewall is a different network (192.168.1.x)
No VPN, VOIP or other complications. It works fine.
My question is: Does the fact that the firewall is looking at NAT traffic reduce the functionality of the firewall features (Anti-Virus, Anti-Spyware and intrusion prevention)?
Thanks,
Dave
Category: Entry Level Firewalls
Tagged:
0
Best Answer
-
MasterRoshi Moderator
Upstream NAT should not effect your security posture unless you have a very niche circumstance.
1
Answers
"Does the fact that the firewall is looking at NAT traffic reduce the functionality of the firewall features (Anti-Virus, Anti-Spyware and intrusion prevention)?"
Antivirus, antispyware, etc. are functions of the 'UTM' features of the platform, not the 'firewall' features. Either way, since you are double NATd and double firewalled I suppose that, yes the UTM functionality of the Sonicwall is being 'reduced'.
Thank you for the reply TKWITS - I'll rephrase.
Does the fact that the traffic passing through the TZ400 is NAT'd make it more likely that harmful/malicious traffic will not be blocked, etc. by the TZ400?