Re: Does ICS or Firewall have a NAT

In article <OzS9IrfGGHA.3936@xxxxxxxxxxxxxxxxxxxx>, "Kerry Brown"
<kerry@xxxxxxxxxxxxxxxxxxx*a*m> wrote:
>Descartes wrote:
>>> Yes, ICS uses NAT.
>>>
>>> What do you mean by "static mapping"? What exactly do you want to
>>> do? --
>> Well I read somewhere, that a NAT creates a mapping of an intranet
>> computers request out to the Internet. When a response arrives from
>> the internet, the NAT looks in its mapping, to which intranet
>> computer it should forward the response. This mapping is created
>> dynamically and deleted when not needed anymore. The side effect of
>> this is that the NAT actually works as a kind of fire wall neglecting
>> all inbound traffic for which it does not have a mapping. This is all
>> OK and does not require static mapping. But, if I would set up a server
>> (on the intranet) to be accessible
>> from the Internet, the NAT would need a static (persistent) mapping
>> to know to which computer forward the requests coming from the
>> Internet and addressed to the server.
>> Please correct me if this doesn't make sens at all.
>
>Yes, ICS can do what you want. A stand alone router is a better idea for a
>couple of reasons.

I agree that a router is usually better than ICS, Kerry. But a router
can't do the job if you're sharing a non-Ethernet Internet connection,
like a dial-up modem or a USB cable modem.

>1) Using ICS the gateway computer is dirctly exposed to the Internet on the
>public interface. A router will give all computers some level of protection
>from malware. ICS will give all the other computers this level of protection
>but the computer running ICS will still be exposed.

The ICS computer should be fine if it's running Windows Firewall.
However, a router plus firewall gives two layers of protection.

>2) The computer running ICS must be on for the other computers to access the
>Internet. The computer running ICS will run slower because of ICS. You may
>or may not notice this depending what else the computer is used for.

I can't imagine that ICS would have a noticeable effect. A typical
broadband router has much less memory and a much slower processor than
any computer that can run XP. For example, my SMC Barricade router
has a 40 MHz CPU and less than 1MB of memory

>Kerry
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
.

Relevant Pages

  • Re: Does ICS or Firewall have a NAT
    ... >> Yes, ICS uses NAT. ... that a NAT creates a mapping of an intranet ... > computers request out to the Internet. ... ICS can do what you want. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Firewall for Network
    ... network card with MS ICS turned on connected to the hub. ... Now I unplug everything form the router and plug them into computer and hub, ... >>> There are several commercial products that do NAT and Windows ICS also ... > know know that using connection sharing is only connecting from one NIC ...
    (comp.security.firewalls)
  • Re: Does ICS or Firewall have a NAT
    ... that a NAT creates a mapping of an intranet ... >>> computers request out to the Internet. ... > I agree that a router is usually better than ICS, ...
    (microsoft.public.windowsxp.network_web)
  • Re: ICS and Nortel Contivity VPN Client
    ... This is typical of L2TP tunnels through NAT, which ICS and any SOHO router ... If we gave the laptop with the client installed ... ICS network? ...
    (microsoft.public.win2000.networking)
  • Re: Firewall for Network
    ... > since ISPare starting to home in on more then one computer using ICS ... > without additional IPand not using a router, ... > If NAT can block the ISP from seeing the MAC address of addition computers ... >> Duane Arnold wrote: ...
    (comp.security.firewalls)
Loading