The menu Network Protection > NAT allows you to define and manage NAT rules of the gateway. Network Address Translation (NAT) is the process of rewriting the source and/or destination addresses of IP packets as they pass through a router or gateway. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. When a client sends an IP packet to the router, NAT translates the sending address to a different, public IP address before forwarding the packet to the Internet. When a response packet is received, NAT translates the public address into the original address and forwards it to the client. Depending on system resources, NAT can handle arbitrarily large internal networks.
Sophos UTM Administration Guide