Question

DMZ. What is the purpose of implementing a DMZ in your enterprise network? Is the DMZ just another segment of the intranet? Elaborate your answer.

Answer 1

DMZ:

It stands for Demilitarized Zone and is a subnet that exists between untrusted networks and the services safe behind a firewall. They provide access to services without exposing the entire intranet.

Purpose:

The purpose of implementing DMZ is to add security and protect the hosts which are vulnerable to attack. In order to not let the entire network get compromised, the subnetwork is monitored. It acts as a border which safeguards the information behind it which is internal. DMZ can also have an additional firewall. So those hackers or intruders who wish to get into the network would be dealing with DMZ, and the data which is important to the Enterprise is kept safe. The traffic is filtered between the DMZ and private network.

Is the DMZ just another segment of the intranet?

Intranet is a restricted network where the people in organization can store and organize the information. DMZ isn’t a segment of intranet, it’s to provide the security layer to this internal network. DMZ contains all the services to be exposed in the Internet which is an external network. It does allow the untrusted resources to interact such as emails, web servers, etc. The intranet and DMZ are generally on separate networks. Single firewall or a double firewall can be used, the latter provides more security to the intranet. Hence DMZ isn’t just a segment of intranet.

comment for any queries!