It is now common for VPN providers to offer NAT firewall feature either as a built-in or separate paid service. But what does it mean by NAT Firewall and why do you need one? If you are connected to the internet you’re probably using a NAT Firewall function right now.
What is NAT? What Does It Do?
- NAT – Network Address Translation – is a standard that allows Local Area Network to separate out traffic into internal and external through sets of different IP addresses.
- (in routers) is located between two networks, the external network (e.g. the internet) and the internal network (e.g. home Wi-Fi network).
- Systems in the internal network have assigned private IP addresses that cannot be routed to the outside network. The gateway is assigned with a few valid public IP addresses.
- The Gateway makes the traffic (requests) coming from an internal network appear as coming from one of the public IP addresses, and transfers incoming data to the system requesting that traffic.
- NAT helps improve the security of the organization and decreases the number of IP addresses.
What is a Firewall? What Does It Do?
A firewall is a piece of hardware or a software program that handles the flow of traffic between a local network (e.g. home Wi-Fi network) and the Internet to help screen out viruses, hackers, and worms from reaching out to your computer.
All internet packets must pass through the firewall, which examines each packet and block the ones that do not pass the security criteria.
What NAT firewall has to do with VPNs?
All the above discussion simply meant NAT Firewall provides security to your network infrastructure. But the problem arises when you use a VPN. As it encrypts all the outgoing and incoming data via an encrypted tunnel, your NAT firewall fails to filter the internet packets thus making you vulnerable to bad packets sent by malicious attackers.
VPN providers which aim to offer NAT firewall as well simply installs a NAT firewall between their VPN server and the internet to mitigate the loss of your built-in NAT firewall.
What if I use only built-in OS firewall software?
It is encouraged to use your OS firewall for basic NAT filtering and added an extra layer of security. However, it utilizes your computer resources while performing the function and prompts you every time it detects suspicious activity which is frustrating. Hardware NAT firewall, on the other hand, filters all the internet packets in instant and accurately without you even knowing.
Also, your mobile devices do not come with a built-in firewall support and are vulnerable to malicious attacks, therefore using a VPN service that offers NAT firewall is always a good choice as it supports NAT firewall filtering on the cloud.