Calling all security pros: What are the requirements that make a DMZ a DMZ? If I stand up a server in a segmented network exposed to untrusted with only the ports open that are absolutely necessary? How is that any different than opening ports in the firewall to an internal server other than segmenting the server from other servers?
I know what a DMZ is but don't quite understand what are the different pieces that make a complete DMZ solution or DMZ best practices? Isolate from internal systems by doing more than just putting the server on its own subnet? Are there specific firewall requirements that make it a 'DMZ'? How is a DMZ different from an application zone?
Thanks in advance!!