[_d3nx]

CheckPoint can pass traffic without NAT. NAT is only needed when you need to access to internet from private or non-routable IP networks. for more you should check Firewall and Smartdefense document.

Many computers in an organization have private, non-routable IP addresses, but nevertheless require access to the Internet. In most cases it is impossible to simply give them Internet-routable IP addresses, due to the lack of available public IP addresses, and administrative constraints.
IPv4 (the current version of IP) provides only 32 bits of address space, so available IP addresses are becoming scarce, most having already been assigned. Internet Service Providers will usually allocate only one or a few addresses at a time. Larger companies may purchase several addresses for use, but purchasing addresses for every computer on the network is usually impossible.

Even if public IP addresses become available, changing the addresses of every machine in a large network can be an administrative nightmare, being both labor intensive and time consuming.