Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Firewall Perimeter Network (DMZ)

Perimeter Network or DMZ

A DMZ (Demilitarized Zone) or Perimeter Network is the area between the firewall that protects the network from untrusted external networks (the Internet) and the firewall that protects the internal network. Intruder attacks on web servers and mail servers are common. Having an additional firewall makes it more difficult for an intruder to gain access to the organizations internal network.

Any service that is being provided to users on the external network can be placed in the DMZ. Hosts in the internal network communicate with services in the DMZ through an intervening firewall, this allows hosts in the DMZ to provide services to both the internal and external network.

The most common services placed in the DMZ are:

web servers
mail servers
FTP servers
VoIP servers

If a web server needs to communicate with an internal database that may contain sensitive information, it can communicate with internal database servers through an application firewall.

You can create a perimeter network with a single firewall, but this configuration is more complicated to configure and is less secure.

To increase security, a reverse proxy server can be used to isolate the servers in the DMZ from direct access by external networks. A reverse proxy server, like a proxy server, is an intermediary, but is used the other way around. A proxy server hides internal host addresses and only exposes its own address to outside clients. A reverse proxy server hides outside clients addresses and only exposes its own address to internal hosts.

More Network Security Articles:
• Domain Name System (DNS) Vulnerabilities
• Denial of Service Attack (DoS) Detection and Mitigation
• Network Security by Filtering
• What's the Difference Between Sniffing, Snooping, and Spoofing?
• Methods to Combat Distributed Denial of Service (DDoS) Attacks
• Difference Between Network Firewall and Web Application Firewall
• Avoid Hacks by Rogue Wireless Devices
• Elementary Information Security
• ARP, MAC, Poisoning, and WiFi Security
• The Use of HoneyPots and HoneyNets to Trick Hackers
Menu - More
Network Security

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2025 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268