Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Firewall Perimeter Network (DMZ)

Perimeter Network or DMZ

A DMZ (Demilitarized Zone) or Perimeter Network is the area between the firewall that protects the network from untrusted external networks (the Internet) and the firewall that protects the internal network. Intruder attacks on web servers and mail servers are common. Having an additional firewall makes it more difficult for an intruder to gain access to the organizations internal network.

Any service that is being provided to users on the external network can be placed in the DMZ. Hosts in the internal network communicate with services in the DMZ through an intervening firewall, this allows hosts in the DMZ to provide services to both the internal and external network.

The most common services placed in the DMZ are:

web servers
mail servers
FTP servers
VoIP servers

If a web server needs to communicate with an internal database that may contain sensitive information, it can communicate with internal database servers through an application firewall.

You can create a perimeter network with a single firewall, but this configuration is more complicated to configure and is less secure.

To increase security, a reverse proxy server can be used to isolate the servers in the DMZ from direct access by external networks. A reverse proxy server, like a proxy server, is an intermediary, but is used the other way around. A proxy server hides internal host addresses and only exposes its own address to outside clients. A reverse proxy server hides outside clients addresses and only exposes its own address to internal hosts.

More Network Security Articles:
• NMAP (Network Mapper) Port Scanner
• The Role of Security Penetration Testers
• How to Tell if Someone is Lurking on Your Wireless Network
• Denial of Service Attack (DoS) Detection and Mitigation
• Types of DoS (Denial of Service) Attacks
• Are You Meeting ISO 27000 Standards for Information Security Management?
• What is Cross Site Scripting?
• How to Become a Professional Ethical Hacker
• Network Security
• Digital Signatures and Certificates

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2018 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268