Hello Turget, nice video. I don't get why natting internal LAN traffic over an IPSec tunnel should improve security (apart from the obvious need in case of overlapping networks). Even without NAT IPSec traffic is handled at the FG level that can do any kind of L3/L7 firewalling. Am i missing something? Thanks!
Thanks for your comments, You right. But when I talk our cyberteam and also I mentioned to video with this sentence : - prevents against address-based spoofing protocols; providing isolation at multi-tenant structure. In Fact I want to prepare new video in order to show restrict to cyber team as continue video series. In that plan I work with our cyber team. I couldn't promise but when i was prepare this video this is our road map. Thanks for your comments, ı hope useful for all.
Hello Turget, nice video. I don't get why natting internal LAN traffic over an IPSec tunnel should improve security (apart from the obvious need in case of overlapping networks). Even without NAT IPSec traffic is handled at the FG level that can do any kind of L3/L7 firewalling. Am i missing something? Thanks!
Thanks for your comments, You right. But when I talk our cyberteam and also I mentioned to video with this sentence : - prevents against address-based spoofing protocols; providing isolation at multi-tenant structure. In Fact I want to prepare new video in order to show restrict to cyber team as continue video series. In that plan I work with our cyber team. I couldn't promise but when i was prepare this video this is our road map. Thanks for your comments, ı hope useful for all.