The purpose of a DMZ is to protect an intranet from external access. By separating the intranet from hosts that can be accessed outside a local network (LAN), internal systems are protected from unauthorized access outside the network. For example, a business may have an intranet comprised of employee workstations. The company's public servers, such as the web server and mail server could be placed in a DMZ so they are separate from the Internal Network. If the servers were compromised by an external attack, the internal systems would be unaffected.
A DMZ can be configured several different ways, but two of the most common include single firewall and dual firewall architectures. In a single firewall setup, the intranet and DMZ are on separate networks, but share the same firewall, which monitors and filters traffic from the ISP. In a dual firewall setup, one firewall is placed between the intranet and the DMZ and another firewall is placed between the DMZ and the Internet connection. This setup is more secure since it provides two layers of defense against external attacks.
Reviewed by Admin
on
September 01, 2021
Rating:
No comments: