Install ZoneAlarm on all of your end nodes first. Just go to the website and download the free version. What you really need to do to have a managed firewall solution would be to install the ZoneAlarm pro with Integrity to manage your personal firewall endpoints. Since Integrity is not going to be launched for about 30 days you could use the Sygate secure enterprise solution if you must have something today. NAT won't compromise your VPN connection, in fact it will help to protect your network since it won't give hackers direct route access to your machines. It is not a fullproof solution, though (since you can piggyback on a connection via NAT if you know how to) but it is better than not using NAT at all. If you use this in conjunction with a managed personal firewall, then you should be OK.
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.