A demilitarized zone (DMZ) is defined as an isolated networking space or sub-network that is cut off from the rest of the organization’s connected footprint using logical or physical blockers to facilitate access to untrusted connections in a safe space.
The Working of a DMZ
Demilitarized zones are isolated network spaces on the enterprise perimeter serving as a secure and intermediary network between an organization’s internal and non-proprietary networks. It prevents illegal traffic from entering a company’s internal local-area network. In military parlance, a demilitarized zone (DMZ) is an area where warring parties agree to lay aside their disagreements to achieve a state of peace — for instance, the narrow strip of land that divides the Korean Peninsula, separating North and South Korea.
Network components and services like the domain name system (DNS), file transfer protocol (FTP) server, web servers, proxy servers, etc., are typically placed inside a DMZ. These servers and resources are compartmentalized and have limited local area network (LAN) access to ensure one can access them via the internet rather than the internal LAN. The DMZ technique makes it challenging for hackers to gain direct internet access to an organization’s data and internal systems.
