Understanding DMZ

by cisspfix Posted on December 7, 2009

A demilitarized zone (DMZ) is a physical or logical sub-network that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization’s Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network. Hosts in the DMZ have limited connectivity to specific hosts in the internal network, though communication with other hosts in the DMZ and to the external network is allowed. This allows hosts in the DMZ to provide services to both the internal and external network, while an intervening firewall controls the traffic between the DMZ servers and the internal network clients.

In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network like the Internet. One or more computers also run outside the firewall, in the DMZ. Those computers on the outside intercept traffic and broker requests for the rest of the LAN, adding an extra layer of protection for computers behind the firewall.

Traditional DMZs allow computers behind the firewall to initiate requests outbound to the DMZ. Computers in the DMZ in turn respond, forward or re-issue requests out to the Internet or other public network, as proxy servers do.

Share
This entry was posted in Security. Bookmark the permalink.

7 Responses to Understanding DMZ

  1. Melissia Iacovone says:
    July 2, 2010 at 5:20 PM

    We are a group of volunteers and starting a new initiative in our neighborhood. Your post provided us with valuable information to help us get started|.You have done an impressive job!

  2. Cassey Hunneyman says:
    July 2, 2010 at 7:55 PM

    Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me.

  4. eve isk says:
    May 20, 2011 at 12:08 AM

    You made a few good points there. I did a search on the theme and found a good number of persons will have the same opinion with your blog.

  5. Relationship Advice says:
    May 20, 2011 at 2:04 AM

    Thanks, my group has been looking for this kind of stuff.

  6. Cheap Glasses says:
    May 20, 2011 at 3:02 AM

    Cheers for a fantastic blog write-up, wherever do you uncover all of your facts?

  7. eve isk says:
    May 27, 2011 at 2:21 AM

    This website is pretty cool. How was it made .

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>