Carrier Grade NAT

THE PROBLEM

Already since 2011 IPv4 Addresses are no longer available from the IANA, yet many operators are still adding customers and devices at a rapid pace. IPv6 is the proposed solution but has not yet been widely deployed and current estimates call for up to a 20-year transition period. This is a problem of high importance for any public or semi-public network operators such as campus network or public Wi-Fi service. Carrier Grade Network Address Translation (NAT) bridges this period by conserving public address through the use of private addressing at scale.

SOLVING THE PROBLEM

Using the Firewall to perform Carrier Grade NAT provides a range of advantages for network administrators who need to manage infrastructure. It eliminates additional hardware and dependencies but also simplifies security and audit intelligence through integrated logging capabilities and holistic analytics applications. The solution supports address translation mechanisms in order to support IPv6 host only translation to IPv4 host only addresses. NAT44 functionality extends the use of IPv4 addresses and support legacy devices not supporting IPv6. NAT64 is required to allow IPv6 endpoints to access IPv4 content and destinations. Stateful address/port/protocol translation is supported as well as stateless address translation, also referred to as SIIT, for a dynamic approach. IP addresses from the external pool can either be allocated in a fixed, stateful or stateless fashion.

THE RESULT

Deploying Carrier Grade NAT is a necessity for network administrators as the migration to IPv6 will take time. Utilizing firewall-based Carrier Grade NAT provides significant advantages such as accurate analytics and logging and base security mitigation services such as the ability to detect and act on abnormal traffic patterns. Integrated in the Firewall Carrier Grade NAT reduces costs, simplifies networking infrastructure and increases availability. 

 

1

Higher level of protection

2

Reduction of cost

3

Business continuity

Check all our Use Cases! Download the booklet

DOWNLOAD BOOKLETALL USE CASES

Products

The following Clavister products are capable of providing this use case.

Clavister NetShield S10 Pro

Clavister NetShield P40 Pro

Clavister NetShield Virtual Series

Solutions & Customers

The following solutions and customers benefit from this use-case:

SOLUTION

Protect WiFi Network Operations

Secure and Control Public Network Access Availibility

SOLUTION

OT Micro Segmentation

Bridging OT with IT networks for efficiency benefits

SOLUTION

SGi/Gi Firewalling – Core Security

Protecting the core network for mobile and fixed service providers

Get in touch! It will only take a minute

CONTACT USFIND RESELLER