Firewalls: Network Address Translation

Firewalls
(April 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Network Address Translation
From:	Brantley Coile <bwc @ translation . com>
Date:	Tue, 11 Apr 1995 07:30:09 -0700
Apparently-to:	firewalls @ greatcircle . com

We at Network Translation build a NAT box called Private Internet Exchange (or PIX). 
Works great.  We've got about 30 in the field.  

One unexpected benefit is the by-product of keeping information on TCP connections
thru the box.  We can do higher-level packet filtering.  Since we have all the knowledge  
of connections that a proxy server has we can do better filtering.  But, since we
wrote all the code from boot rom to command parser, we are as fast as a packet filter;
we designed everything around the packet path.

We don't use UNIX or any other general purpose OS (not even a real-time one.) because
the resources we needed to manage had to do with the traffic thru the box.


We've been shipping since December.

Brantley Coile
CTO  Network Translation, Inc.
bwc @
 translation .
 com

Indexed By Date	Previous:	Improvements to Scanning and Free Scan Set Reset From: fc @ all . net (Dr. Frederick B. Cohen)
Indexed By Date	Next:	Re: Firewall Products From: Adam Shostack <adam @ bwh . harvard . edu>
Indexed By Thread	Previous:	Network Address Translation From: lars @ RNS . COM (Lars Poulsen)
Indexed By Thread	Next:	X proxy service From: kmac @ baosc . com (Keith McCloskey x8110)