NAT refers to network address translation.  NAT (Network Address Translation) is Firewall Software Blade's feature and ensures greater security by replacing/translating IPv4 and IPv6 addresses. NAT hides internal IP addresses from the Internet in order to protect the identity of a network. A firewall can alter both the source and destination IP addresses of a packet.

The firewall, for example, translates the source IP address (to a new one) of packets that go from an internal computer to an external computer. Firewalls translate the new IP addresses back to the original IP addresses as packets RETURN from the external computer. When packets return from the external computer, they are routed to the correct internal computer.

Example: Suppose a network has 1,000 computers but one internet connection. What makes it possible that 1000 devices can access one internet connection, right? This is made possible by NAT. A private IP address is assigned to each of the 1000 computers, i.e., (10.0._._), and they are all connected to the ROUTER. It is connected directly to the internet and has NAT settings configured.

When PC 1 (which has an IP address of 10.0.0.1) attempts to access the internet (www.google.com), it will first send a request to the router, and the router converts the private IP address into a public IP address (10.0.0.1 - 12.0.0.1) and FORWARDS the request to the Google web server. This information is, however, saved in the NAT forwarding table by the router before forwarding this request. So, when the RESPONSE comes from the web server, the router can CONVERT the public IP back to the private IP (12.0.0.1 - 10.0.0.1), and deliver the information back to the requested PC.