A DMZ serves as a front-line network that interacts directly with the external networks while logically separating it from the internal network.
A demilitarized zone may also be known as a network perimeter or perimeter network.
DMZ is primarily implemented to secure an internal network from interaction with and exploitation and access by external nodes and networks. DMZ can be a logical sub-network, or a physical network acting as a secure bridge between an internal and external network.
A DMZ network has limited access to the internal network, and all of its communication is scanned on a firewall before being transferred internally. If an attacker intends to breach or attack an organisation’s network, a successful attempt will only result in the compromise of the DMZ network - not the core network behind it. DMZ is considered more secure, safer than a firewall, and can also work as a proxy server.
Also see: What are Honeypots?
Have something to say about this article? Comment below or share it with us on Facebook, Twitter or LinkedIn.