For industrial wireless routers. Its function is relatively strong, the data transmission speed is fast, the signal is stable. Users will also encounter some more professional problems in the process. Today, Ruigu Zhilian will explain to you that DMA is the same and different from NAT for industrial wireless routers.

  

1. Introduction to NAT

  

NAT -- translates private network addresses (such as enterprise intranets) into public addresses (such as the Internet) Internet, thus hiding internal management IP addresses and translating them into a small number of external registered IP addresses, This reduces the cost of IP address registration and the increasing scarcity of address space (i.e. IPV4) while also hiding the internal network structure, thus reducing the risk of internal network attacks.

  

NAT routers, firewalls, and individual functions often integrate NAT. Of course, most popular operating systems or other software (mainly proxy software, such as WINROUTE) also have NAT capabilities. The NAT device (or software) is used to ensure that the private status table IP address of the internal network is mapped to the valid IP address of the external network. Each packet is translated into the correct IP address by the NAT device (or software) and sent to the next level. Unlike a normal router, a NAT device actually modifies the packet header, changing the source address of the internal network to the external network address of the NAT device itself, whereas a normal router only reads the source address and destination address before reading the local address of the source and destination.


  微信截圖_20220121174941.png


 2、Introduction to DMZ


DMZ stands for demilitarized zone. Its Chinese name is DMZ. To prevent the external network from accessing the internal network server after the firewall is installed, the buffer between the non-secure system and the secure system is set. A buffer is a small network area between an enterprise's internal network and its external network. Some server facilities that must be exposed, such as enterprise Web servers, FTP servers, and forums. On the other hand, the DMZ protects the internal network more effectively in this way, because this network deployment provides another checkpoint for attackers than a typical firewall solution.


  

Using this technology, network equipment developers have developed corresponding firewall solutions. It's called the non-military structure model. The DMZ is usually a filtered subnet. The DMZ establishes a security zone between the internal network and the external network. The DMZ firewall scheme adds a security perimeter to the internal network to be protected and is generally considered very secure. At the same time, it provides an area to place a common server, which can effectively avoid some interconnected applications in conflict with internal security policies. The DMZ typically includes fortress hosts, Modem pools, and all public servers, but it is important to note that the e-commerce server is only used for user connections, and the actual e-business background data needs to be kept on the internal network.