image
De-militarised zone (DMZ)

De-militarised zone (DMZ)

In this step, you're going to being looking at what is referred to as the De-Militarised Zone (DMZ). Later you'll consider Firewall Policy and, finally, Boundary Controls.

The name for this control is taken from the term demilitarised zone, an area between states in which military operations are not permitted.

What do you think a DMZ is in a computing context?  How do you think an area of this type can help cyber security?

Most firewall architectures involve the creation of a De-Militarised Zone, or DMZ. Which is a small network segment inserted as a neutral zone between an organisation’s private network and an untrusted network, like the Internet.

Here in the diagram, an external webserver is being hosted in the DMZ and users attached to the internet will come through the outer firewall to access this webserver. However, remote users needing access to the internal network must go through both the outer and inner firewalls.

The DMZ provides secure segregation of networks for services to users, visitors, or partners. Separating the external webserver from the internal network can reduce many threats and vulnerabilities. All untrusted web traffic (e.g., internet traffic/email/webservers) will go through DMZ and allow more targeted checks and controls to be implemented such as mail/web gateways, which you explore later in this step.

Diagram showing De-militarised zone featuring inner and outer firewalls to show neutral zone between the private and unrestricted networks.

Figure 1:De-militarised zonev

What’s next

Next, you will look at Firewall policy.

Difficulty
Beginner
Duration
31m
Students
125
Ratings
5/5
Description

In this course you’ll take a deep dive into networks and communications controls, looking at Firewalls, DMZ and VPN among others.

About the Author
Students
44063
Labs
168
Courses
1754
Learning Paths
45

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.