10.5. DMZ and Subnets

A demilitarized zone (DMZ) is a perimeter network: a network area that sits outside an organization's internal network. A DMZ holds public-facing servers that need to be accessible from the Internet and are therefore more likely to face attacks. The purpose of this separation is to mitigate the damage should one of these hosts be compromised. Important or sensitive information should never be kept in a DMZ. On consumer-grade routers, a DMZ typically refers to an address to which all suspect traffic is forwarded. In home environments, the DMZ is often configured incorrectly. We often find that it is used to forward all traffic to a specific address, rather than researching which ports need to be accessible for each service ...
