What does "DMZ", which is between the inner & outer firewall, mean?

Posted on 2004-11-18
Last Modified: 2013-11-16
What does "DMZ", which is between the inner & outer firewall, mean?
Question by:she1
15 Comments
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12614804
demilitarized zone
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12614814
0
 
LVL 9

Expert Comment

by:TannerMan
ID: 12616392
The DMZ is an area for you to place servers/machines that you need exposed to the internet and do not want to open up holes into your internal network for accessing them. Some people refer to the DMZ as the anything goes territory because, unless you properly restrict the DMZ machines, they are wide open to attack. In summary, a place to allow direct internet access to machines without having to get to your internal network.
0

 

Author Comment

by:she1
ID: 12625099
so it is in between the inner & outer firewall, inside the inner firewall is the intranet which is your internal network, is it right?


militarized  zone is fully exposed to the outside attack, is it right?

thanks
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12625132
>militarized  zone is fully exposed to the outside attack, is it right?


the demilitarized zone is

>>so it is in between the inner & outer firewall, inside the inner firewall is the intranet which is your internal network, is it right?
No, it is outside your firewall
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12625135
did  you check the link I provided, it explains it well
0
 
LVL 9

Expert Comment

by:TannerMan
ID: 12625159
Well, the best way to look at it is this.

Internet
       ^
       |
FIREWALL ---> DMZ network
       |
       V
Internal network


It is another network card on your firewall, but can visually be looked upon as setting out to the side. The firewall still is used to regulate the DMZ access.
The DMZ is somewhat fully exposed.  You can still control access, but it is MORE exposed than your private network by far.
It is just a way to get machines that MUST be accessed by internet to a place that will limit the exposure to your ENTIRE network.

Hope that helps.
0
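An added example, not part of any poster's comment: a small first-match model of the three-homed layout drawn above, in which a single firewall with three interfaces decides every new connection between the Internet, the DMZ and the internal network. The zone names, addresses, ports and rules are constructed for illustration and do not come from the thread or from any firewall product.

```python
import ipaddress

# Constructed addressing plan for a three-homed firewall (one NIC per zone).
ZONES = {
    "dmz": ipaddress.ip_network("192.168.50.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}

# Rules apply to NEW connections only (replies are assumed to be handled
# statefully). First match wins; None is a wildcard; last rule is default deny.
# (src_zone, dst_zone, dst_ip, protocol, dst_port, action)
RULES = [
    ("internet", "dmz", "192.168.50.10", "tcp", 443, "allow"),  # public web server
    ("internet", "dmz", "192.168.50.25", "tcp", 25, "allow"),   # mail relay
    ("internal", "dmz", None, None, None, "allow"),             # admins reach DMZ hosts
    ("internal", "internet", None, None, None, "allow"),        # outbound browsing
    ("dmz", "internal", None, None, None, "deny"),              # DMZ never initiates inward
    (None, None, None, None, None, "deny"),
]


def zone_of(ip):
    """Map an address to its zone; anything off the local segments is 'internet'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


def decide(src_ip, dst_ip, proto, dport):
    """Return 'allow' or 'deny' for a new connection crossing the firewall."""
    flow = (zone_of(src_ip), zone_of(dst_ip), dst_ip, proto, dport)
    for *pattern, action in RULES:
        if all(want is None or want == got for want, got in zip(pattern, flow)):
            return action
    return "deny"


if __name__ == "__main__":
    # Constructed flows: (source, destination, protocol, destination port)
    for flow in [("203.0.113.7", "192.168.50.10", "tcp", 443),
                 ("203.0.113.7", "10.1.2.3", "tcp", 443),
                 ("192.168.50.10", "10.1.2.3", "tcp", 1433)]:
        print(flow, "->", decide(*flow))
```

In this model a compromised DMZ web server still cannot open a connection to the internal range, which is the containment the side network is meant to provide.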
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12625257
>>The firewall still is used to regulate the DMZ access
I disagree with this
the firewall is bypassed in the DMZ
dmz explained in layman's terms
http://computer.howstuffworks.com/firewall4.htm
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12625287
>>The firewall still is used to regulate the DMZ access
I disagree with this
Of course I'll read any documentation that proves me wrong (always trying to learn) :-)
0
 
LVL 9

Expert Comment

by:TannerMan
ID: 12626479
Here you go
Trihomed DMZ
I have used this in ISA and Checkpoint Firewalls.
There are many, many different ways to set it up.

http://www.isaserver.org/tutorials/ISA_Server_DMZ_Scenarios.html
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12626513
Cool, but I think that is a different scenario than a router/gateway firewall dmz?
0
 
LVL 9

Expert Comment

by:TannerMan
ID: 12626716
I am not going to debate here on she1's dime, but there was no mention of a router/gateway dmz in the posting. It was asked, however, about DMZ between Inner and Outer firewall which really, my example to she1 was not indicative of.
In the same article you'll see the same setup known as Back to Back Private DMZ. That would be a DMZ that sets between an inner and outer firewall.

You disagreed that the firewall can still be used to regulate DMZ access. Using Checkpoint and ISA I have done just that. Hope that helps clarify where I was coming from in my personal opinion/experience of DMZ configuration options.
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 12626796
:-)
0
 
LVL 7

Accepted Solution

by:
JJ2 earned 80 total points
ID: 12652039
0
 
LVL 9

Expert Comment

by:jabiii
ID: 12659650
basically and most simplistically.

A DMZ can either be an "extra" network off your FW or it can be a "safezone" for your internal network.

as an extra network it is just that you basically have 2 internal networks and 1 external. (yes each internal has 2 external networks)

as a safezone you can route traffic incoming/outgoing through your dmz to be scanned/snooped/pooped before passing to either the internal or external

everything coming from outside your network can either go to your dmz, through your dmz to your internal, or straight to your internal, (reverse for outgoing)

and ofc, as stevenlewis said: demilitarized zone
0
