SPI and NAT:
SPI stands for stateful paket inspection, essentially it looks at each packet of information that passes through it and determines its purpose. Basically it can identify what kind of information or traffic, is being transfered, and make decisions on how to handle that traffic based on that identification. For instance you can filter web sites based on key words that, in some cases are preconfigured and in other cases, are completly self configured. You could look at an SPI firewall as a Network Highway partrol-person, setup to look for the bad guys and it will do just that. This is a very simplified description of SPI, for more information on SPI and NAT try the manufacturers web sites, Lynksis, DLink, US Robotics, Buffalo, KarlNet, Cisco and so on.
NAT stands Network Address translation. All it really does is allows a single public IP address or a subnet(a group) of public IP address to be used by multiple computers. What does this mean...well when you make a connection to a web site to request information to be viewed on your computer, that website need to know where to send the information back to. Your computer, if it behind a NAT firewall, is likely to have a private IP address, (a private IP address in not routable on the internet - just like speed boats dont work well on interstate highways, square peg in a round hole....you get the idea) anyway....the NAT translates you private IP to one the Public IPs on its WAN connection. Basically it maps your Private IP to a TCP port and sends the connection on to the web you are requesting information from with a reply IP of one of the public IPs on your router AND the TCP that your router assigned to your connection. So if this is all just giberish and you just want the bottom line.....well here it is...NAT is like hiding someone in the underground...without the secret decoder ring and a map, you just cant be found.
Are MAC address filtering, MAC authentication, MAC address control the same thing?
Yes, they all mean the same thing essentially, or at least as it relates to access control. Every single network card, be it a modem, a router, an AP has a UNIQUE MAC address, sometimes several (one for each port). MAC authentication allows you to specify which MAC addresses are allowed access to your network or to the internet through your network. It is a powerful feature with very low cost to resources. It does not protect information that is transmitted to or from the WiFi router, in other words it has nothing to do with encryption only with access to a Medium. Medium or media is the transport mechanism through which data is tranmitted. Types of media include: airwaves(RF), copper(ethernet 802.3), fiber optic (SONET) and so on. The acronym MAC stands for Media Access Control, in a sense, MAC authentication becomes self explanitory.
Hope this helps....sorry about the spelling/typing errors....perpetual fat fingers
regards
Tbaggin
