User Manual Part 1
Table Of Contents
- Check Point Safe@Office User Guide 8.0
- Copyright & Trademarks
- Contents
- About This Guide
- Introduction
- About Your Check Point Safe@Office Appliance
- Safe@Office 500 Product Family
- Product Features
- Wireless Features
- Optional Security Services
- Software Requirements
- Getting to Know Your Safe@Office 500 Appliance
- Getting to Know Your Safe@Office 500W Appliance
- Getting to Know Your Safe@Office 500 ADSL Appliance
- Getting to Know Your Safe@Office 500W ADSL Appliance
- Contacting Technical Support
- Safe@Office Security
- Installing and Setting Up Safe@Office
- Getting Started
- Configuring the Internet Connection
- Managing Your Network
- Using Bridges
- Configuring High Availability
- Using Traffic Shaper
- Working with Wireless Networks
- Viewing Reports
- Viewing Logs
- Setting Your Security Policy
Using NAT Rules
386 Check Point Safe@Office User Guide
Using NAT Rules
Overview
In an IP network, each computer is assigned a unique IP address that defines both the host
and the network. A computer's IP address can be public and Internet-routable, or private
and non-routable. Since IPv4, the current version of IP, provides only 32 bits of address
space, available public IP addresses are becoming scarce, most having already been
assigned. Internet Service Providers will usually allocate only one or a few public IP
addresses at a time, and while larger companies may purchase several such addresses for
use, purchasing addresses for every computer on the network is usually impossible.
Due to the lack of available public IP addresses, most computers in an organization are
assigned private, non-routable IP addresses. Even if more public IP addresses became
available, changing the private IP address of every machine in a large network to a public
IP address would be an administrative nightmare, being both labor intensive and time
consuming. Therefore, organization's computers will most likely remain with private, non-
routable IP addresses, even though in most cases they require access to the Internet.
In addition to the issue of arranging Internet access for computers with non-routable IP
addresses, IP networks present a security challenge. Since making a network’s internal
addresses public knowledge can reveal the topology of the entire network, the network
administrator may want to conceal both routable and non-routable IP addresses from
outside the organization, or even from other parts of the same organization, in order to
enhance security.
The Safe@Office appliance solves both issues through the use of Network Address
Translation (NAT) rules. A NAT rule is a setting used to change the source, destination,
and/or service of specific connections.