[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Port forwarding and reverse proxy, somewhat different question

Posted on 2014-03-27
2
Medium Priority
?
1,406 Views
Last Modified: 2014-03-27
Are port forwarding mostly performed by routers and switches with router capability ?

Or are there other products that would perform this within the context of a firewall and DMZ based system

Thanks
0
Comment
Question by:Anthony Lucia
2 Comments
 
LVL 9

Accepted Solution

by:
rfportilla earned 1000 total points
ID: 39959144
Without a specific example, I'm not sure what you are looking for.  

Port forwarding would typically be a NAT function or firewall function.  The purpose is to allow certain traffic through.  Many routers have NAT and Firewall capabilities, but the primary purpose of a router is to send traffic accross different IP subnets regardless of port number.

In the case of a firewall, Port forwarding is primarily for security.  This can be direct translation from port number to port number.  (a request on port 80 on the firewall translates to port 80 on a server.  

In the case of NAT, which is very common, it is used to counter the IP range compression.  In other words, NAT takes all IP requests from the internal network and sends them out to the public network as being from 1 IP address, typically.  Therefore, all hosts from the outside see only 1 IP address.  If you have multiple computers on the inside network that host the same service on the same port, a direct translation scheme won't work.  For instance, if you have 3 computers on your network that require remote access via port 3389 and the NAT only has one public IP address, the public port 3389 can only map to one computer.   There for you can do what is called PAT (Port Address Translation) to forward one port to another, such as port 3390 on the NAT to port 3389 of a specific computer in the protected network.

This concept is independent of private network and DMZ, although typically, in a secure network, you should provide public services from a DMZ.  

I don't know if this answers your question.  Please provide feedback.  Thanks.
0
 
LVL 10

Assisted Solution

by:0xSaPx0
0xSaPx0 earned 1000 total points
ID: 39959152
Port forwarding is usually performed by a firewall or a router. Basically whatever filtering device is being used to filter network traffic.

If you have an internal service on an internal address and you need external clients to access it you can use port forwarding to allow the traffic to pass to the internal network.

Switches generally are not used for port forwarding unless there are VLANs implemented that require that functionality. However since switches are not as efficient as firewalls or routers for this purpose it is generally not recommended to do so.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question