Defining the DMZ Environment

The demilitarized zone (DMZ) is a special network that joins a private corporate network with an untrusted network. That untrusted network might belong to a business partner, a carrier, an Internet service provider (ISP), or other parts of the corporate network. The DMZ supports very specific ingress and egress connectivity between the two networks.

The DMZ contains routers, packet filters, Ethernet switches, DNS servers, web servers, proxy servers, SOCKS servers, and Telnet gateways. It is generally a collection of subnets configured for very specific security-minded functionality. Correct operation of the DMZ is critical, and it must be managed proactively.

Ingress into the private network is often restricted to ...

Get OpenView Network Node Manager: Designing and Implementing an Enterprise Solution now with the O’Reilly learning platform.
