Difference Between DMZ and Port Forwarding

DMZ vs Port Forwarding

DMZ (Demilitarized Zone) and port forwarding are two terms often used when dealing with internet security. Although both are used in security, the main difference between the two is how they improve security. A DMZ is a small part of the network that is openly accessible to the public network or the internet. In comparison, port forwarding is a technique that keeps certain functionality available even with a firewall in place. Port forwarding doesn’t really add security per se, but it does so indirectly by eliminating the reason for not putting up a firewall.

A DMZ doesn’t seem to make sense when you consider that it exposes a part of the network to intrusions from the public network. The main reason behind the DMZ is the protection of the rest of the network. Parts of the network that should be accessible to the public create a security risk, since the entire network could be compromised once that part is. Relocating these services to the DMZ allows the admin to implement tighter security on the rest of the network. Additional firewalls are often put up between the DMZ and the internal network.

Port forwarding is not really essential, and you can still use the internet without it. The problem arises when you want an external application to be able to connect to certain services on your machine. The connection would automatically be blocked by the firewall since it was not initiated from within. Once port forwarding is implemented, the router forwards the requests received on a certain port to a specific machine on the network, which services the request. An example where port forwarding is applicable is if you plan to run a web, email, or file server on your computer.
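The two ideas above can be compared in a small model. This is an added example, not part of the original article: a simplified router that drops unsolicited inbound traffic unless a forward rule exists, and that blocks DMZ-to-LAN traffic by default. The `Router` class, the `exposure` helper, and all addresses and ports are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Router:
    zones: dict                                    # inside host IP -> "lan" or "dmz"
    forwards: dict = field(default_factory=dict)   # public port -> (host IP, port)
    nat: dict = field(default_factory=dict)        # (remote IP, port) -> inside host IP
    dmz_to_lan: set = field(default_factory=set)   # explicit (dmz host, lan host, port) allows

    def outbound(self, host, remote, src_port):
        """An inside host opens a connection; replies on src_port are now expected."""
        self.nat[(remote, src_port)] = host

    def inbound(self, remote, public_port):
        """Return the inside (host, port) receiving an internet packet, or None if dropped."""
        if (remote, public_port) in self.nat:      # reply to a connection started inside
            return (self.nat[(remote, public_port)], public_port)
        return self.forwards.get(public_port)      # unsolicited: only a forward rule admits it

    def internal(self, src, dst, port):
        """Can inside host src open a connection to inside host dst on port?"""
        if self.zones[src] == self.zones[dst] or self.zones[src] == "lan":
            return True                            # same segment, or LAN reaching into the DMZ
        return (src, dst, port) in self.dmz_to_lan # DMZ -> LAN is denied unless listed

CLIENT = "203.0.113.7"                             # constructed internet client address

def exposure(router, public_port, targets, port=445):
    """Inside hosts reachable from the machine answering public_port if it is taken over."""
    landed = router.inbound(CLIENT, public_port)
    if landed is None:
        return set()
    return {t for t in targets if t != landed[0] and router.internal(landed[0], t, port)}

# Constructed layout 1: web server sits on the LAN behind a port forward.
flat = Router(zones={"192.168.1.10": "lan", "192.168.1.20": "lan"},
              forwards={80: ("192.168.1.10", 80)})
# Constructed layout 2: the same server relocated to a DMZ segment.
split = Router(zones={"10.0.0.10": "dmz", "192.168.1.20": "lan"},
               forwards={80: ("10.0.0.10", 80)})

if __name__ == "__main__":
    print("flat :", exposure(flat, 80, ["192.168.1.20"]))
    print("split:", exposure(split, 80, ["192.168.1.20"]))
```

With the server on the LAN, the file server at 192.168.1.20 is within reach of the published machine; with the server in the DMZ, it is not unless an explicit `dmz_to_lan` rule is added.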

Port forwarding is very common, and many people have it in place even if they are not running servers. Some applications, like peer-to-peer file sharing applications, need port forwarding to function at optimum speeds. In comparison, DMZs are not as common and are used mainly by large companies or institutions that offer web services. A DMZ serves their need to separate the public and private parts of their networks.

Summary:

1. A DMZ is a location, while port forwarding is a technique.
2. Port forwarding is used by almost everyone, while DMZs are only used by large institutions.