This document discusses network address translation (NAT) features and how to design a secure NAT network. It describes different types of NAT including static, dynamic, and masquerading NAT. When implementing NAT, considerations include network size, security needs, location, IP addressing, and data flow rates. Securing the NAT network involves using routing/remote access filters, address pools, special ports, and VPN connections. The optimal design devotes one machine to act as the NAT server, connecting over persistent routes with multiple internet connections to enhance performance and availability.