NAT or transparent mode for firewall?

[herura]

I recently purchased a SonicWall firewall for a server I have at a datacenter. It supports both NAT and transparent mode. Both would work for my use. The server backs up user files (compressed and enycrypted) for my clients. It also provides DNS, Web and Mail services for these same clients. It runs win2k server.

My question is under what conditions would you use one over the other?

Thanks

[Sixpac_XP]

It depends on what IP addressing you are using. Are you using internal private IP address's or routable internet IP's?

Do you want to seperate the networks completely and put them in their own subnet?

[Sixpac_XP]

Oh and for what purpose are you using this firewall? I have installed and used 4 sonicwalls (Pro 100's) untill we put in Cisco Pix firewalls.

[herura]

My primary purpose is to prevent hackers from getting to my server. I have used the PIX (505 and 515) as well, and while is an excelent firewall, I find it difficult to use, just as any cisco IOS based device is. I prefer the sonicwall because it is simply easier to setup and will work just fine for my use.

As for IP's. I have public routable IP's.

[bdj]

Unless there is some reason not to, I would use NAT. Even though you have a routable IPs, there is no reason to give any one an easy way into your network. If the IP / IPs assigned to you by your ISP are different than your internal address, than NAT is the way to go.

bdj

[Sixpac_XP]

I would really need to see a network diagram to understand what you are trying to do since you are talking about other services that this server is doing such as DNS and Webmail.

[DVNT1]

I would normally go with Transparent mode when possible. At least less NAT mappings to worry about.