In it's most common configuration, NAT maps all of the private IP addresses on a home network to the single IP address supplied by an Internet Service Provider (ISP). This allows computers on the home LAN to share a single Internet connection. Additionally, it enhances home network security by limiting the access of external computers into the home IP network space.
NAT works by snooping both incoming and outgoing IP datagrams. As needed, it modifies the source or destination address in the IP header (and the affected checksums) to reflect the configured address mapping. NAT technically supports either fixed or dynamic mappings of one or more internal and external IP addresses.
NAT functionality is usually found on routers and other gateway devices at the network boundary. NAT can also be implemented entirely in software. Microsoft's Internet Connection Sharing (ICS), for example, adds NAT support to the Windows operating system.
By itself, NAT does not provide all the features of a true firewall, but it is often used on servers that feature other firewall and antivirus support. NAT was designed originally to conserve public Internet address space. Internet RFC 1631 contains the basic NAT specification.