DMZ stands for Demilitarized Zone and is also called a Permiter
network. A DMZ adds another layer of security between an external and
internal network. The purpose of the DMZ is that if someone is able
to break into your network like the WAN router or other device they
won't be able to see the traffic passed between hosts on your Internal
network, because the intruded upon device is on an external network on
a completely different segment than your LAN traffic. Some companies
place their mail servers and webservers on a separate segment from
their Internal LAN. If the web, mail, or DNS server is compromised,
your Internal LAN traffic is still protected from the intruder since
the hosts/devices in the DMZ aren't seeing indirect LAN traffic
because of the internal router.
Sample diagram:
{ Internet }
|
|
( + ) External router
| __
|__________________| | Server on DMZ segment
| ----
|
( + ) Internal router
|
------------------------------------------------------
| |
[ ] [ ]
| __| Host A |__] Host B
On 2 Feb 2001 12:32:36 -0500, [EMAIL PROTECTED] ("Snyder, LeRoy F")
wrote:
>Could anyone explian the DMZ process in a little
>more detial?
>
>-----Original Message-----
>From: John Chang [mailto:[EMAIL PROTECTED]]
>Sent: Sunday, January 28, 2001 4:25 PM
>To: [EMAIL PROTECTED]
>Subject: DMZ
>
>
>Does anyone know a good book or article on the web that explains DMZ in
>great detail? Thank you.
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_________________________________
>FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
