DMZ’s make the corporate network a much harder target, but isn’t always effective. It could even be an exponential vulnerability.

Medium to large organisations may have a De-Militarised Zone (DMZ), which protects the private corporate network from the public internet.

Like a gate and air gap to an office block, the DMZ controls what traffic from the internet may enter the corporate network and what traffic may flow back out to the internet. It allows the users of the corporate network to interact over the internet without having to deal directly with it. The corporate provides subsets of information to servers in the DMZ. Those DMZ servers send that information out to, or allow access to it from, the internet. The DMZ servers then take in information from the internet and provide it back to the corporate network.

Firewalls provide the protection between the internet and the corporate network. Give or take a few bells and whistles, there will likely be a firewall between the DMZ and the internet and another firewall between the DMZ and the corporate network.

Leave a Reply

Your email address will not be published. Required fields are marked *