DMZ (Demilitarized Zones) feature in wireless router provides security segregation by segmenting the network when you need to expose a host (Computer or Game console) to be accessible by other users from the internet.
When you need to expose the computer / game console to the un-trusted network (aka the internet), you should provide a security boundary for the exposed host separated from your internal network. Mostly wireless routers have the DMZ or port forwarding features for gaming purposes. Normally in business firewall / router all traffic will be controlled, authenticated, filtered, and logged according to the policies set by forcing the traffic to pass through a single concentrated checkpoint. This way you can significantly reduce, but not eliminate the amount of unauthorized traffic reaching the private network.
Should you expose a host to allow others in the internet access it such as in online gaming; you can utilize the DMZ or port forwarding feature of the router. With DMZ you can provide segmentation for a security boundary. What is actually the concept of the router DMZ or port forwarding?
The DMZ feature allows one network computer to be exposed to the Internet for use of a special-purpose service such as Internet gaming or videoconferencing. DMZ hosting forwards all the ports at the same time to one PC. The Port Forward feature is more secure because it only opens the ports you want to have opened, while DMZ hosting opens all the ports of one computer, exposing the computer to the Internet.
The following figure shows the diagram of the firewall with DMZ hosting. All the traffic with green dotted lines are allowed to pass through the exposed host but denied to flow to the internal network.
Should you expose a host / PC to be accessible by other computers in the internet, you should configure the IP address with static IP, do not use automatic setting (DHCP enabled). The IP address of the exposed host with DHCP enabled will change frequently.
From the configuration menu of your router you can select DMZ feature Enabled and type in the selected IP address of your exposed host. Or you can manually enter a specific source IP address of the computer you want to allow access from the Internet. Please consult your user manual book, each router has specific configuration but the concept is the same.
By Ki Grinsing
See also:
- How to choose the best gaming laptop – specs to know
- How to choose the best wireless router for gaming – Specs need to select
- Wireless router with 2 USB ports – TEW-673GRU – allow you share USB printer and Storage in one time
- TEW691GR Wireless n gigabit router by Trendnet – high speeds up to 450 Mbps
- WNDR37-AV Netgear Wireless n router for gaming and video DLNA compliant
- Best dual band wireless routers
Recent Comments