[Term of the Day]: DMZ


"DMZ" 


In computer networking, DMZ stands for "Demilitarized Zone". It is designed to protect an organization’s internal network (such as a LAN) from the untrusted public network, commonly the Internet. It acts as a perimeter network (which can be either a physical or a logical subnet) and secures the internal network from the external network. A DMZ allows servers to provide services to both the external and internal networks.

All services that must be accessible to users on an external network can be quarantined inside the DMZ. The most common services found in a DMZ are web servers, mail servers, FTP servers, DNS servers, etc. Users on the Internet can access webpages on the DMZ web server and get the details they need, while confidential company information stored in the LAN remains restricted.

Because the DMZ is exposed to the Internet, it is highly vulnerable to cyber-attacks. If attackers intend to breach or attack the organization’s network, they can only penetrate the DMZ network; the private network will still be safe and secured.

The architecture of the DMZ network 

There are various ways to design a network with a DMZ. The two fundamental approaches use either a single firewall or dual firewalls.

Single Firewall (Three Legged DMZ Model)

The three-legged DMZ model uses a single firewall with at least three network interfaces to build the architecture that contains the DMZ. In this arrangement, the external network runs from the Internet Service Provider to the firewall on the first network interface. The internal network is attached to the second network interface, and the DMZ is attached to the third network interface.

In the three-legged model, the firewall becomes the single point of failure for the whole network. It must also be capable of handling all traffic bound for both the DMZ and the internal network.

Dual Firewall 

To form a more reliable network DMZ, two firewalls can be used to set up the architecture. The “Front-End” firewall is set up to allow traffic to pass to and from the DMZ only. The “Back-End” firewall is then set up to pass traffic from the DMZ to the internal network.

The dual firewall model is regarded as safer than the three-legged DMZ option, because two firewalls would have to be bypassed for the network to be endangered.

You can secure ServiceDesk Plus in the DMZ network. In addition, you need to open ports between the DMZ and the LAN, along with the mail server port.
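The zone policy described above (the Internet may reach the DMZ, and only specific ports are opened from the DMZ to the LAN) can be checked against a firewall ruleset. The following is an added example, not code from this page or from any product: the subnets, rule format, port numbers and function names are all constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed address plan (assumption): one subnet per firewall leg.
DMZ = ipaddress.ip_network("192.0.2.0/24")
LAN = ipaddress.ip_network("10.10.0.0/16")

class Rule(NamedTuple):
    src: str             # "internet", "dmz", "lan" or "any"
    dst: str
    port: Optional[int]  # None matches every port
    action: str          # "allow" or "deny"

def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    if addr in DMZ:
        return "dmz"
    if addr in LAN:
        return "lan"
    return "internet"    # everything else is untrusted

def decide(rules, src_ip, dst_ip, port):
    """First matching rule wins; no match means deny."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for r in rules:
        if r.src in (src, "any") and r.dst in (dst, "any") and r.port in (port, None):
            return r.action
    return "deny"

def audit(rules, dmz_to_lan_ports):
    """Return the allow rules that break DMZ isolation."""
    findings = []
    for r in rules:
        if r.action != "allow" or r.dst not in ("lan", "any"):
            continue
        if r.src in ("internet", "any"):
            findings.append(("internet-to-lan", r))
        elif r.src == "dmz" and r.port not in dmz_to_lan_ports:
            findings.append(("dmz-to-lan-port-not-approved", r))
    return findings

# Constructed ruleset; 443 and 25 stand in for a web service and a mail server port.
RULES = [
    Rule("internet", "dmz", 443, "allow"),  # public web service in the DMZ
    Rule("dmz", "lan", 25, "allow"),        # approved relay to the internal mail server
    Rule("dmz", "lan", 3389, "allow"),      # misconfiguration: unapproved port into the LAN
    Rule("lan", "any", None, "allow"),      # internal users may reach the DMZ and the Internet
    Rule("any", "any", None, "deny"),       # explicit default deny
]
```

`audit(RULES, {25})` reports only the port 3389 rule. The audit flags every risky allow rule, including one that an earlier deny would shadow, so it errs on the side of reporting.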
