Skip to main content

what is a DMZ

what is a DMZ DMZ stands for a demilitarized zone so that's what we're going to talk about in this video now a DMZ is used to improve the security of an organization's network by segregating devices such as computers and servers on the opposite sides of a firewall so it's sort of like creating two separate networks so the question is why would you want to do this and how does a dmz accomplish this so let's do an example here so here we have a network that belongs to a company and this company has computers and servers that are behind a firewall and in this company we have servers that need to be accessed by people from the internet so that the company can stay in business so for example these servers could be a web server and an email server now because these servers are behind the company's firewall they are inside the company's private network so that would mean that this company is letting in people from an untrusted Network such as the Internet be given access behind the company's firewall and into the company's private network where the servers are but this could cause a security concern because as people are accessing these servers hackers could use this as an opening to cause havoc on the company's network because remember they already got past the firewall because the servers are behind the firewall so now hackers can try and access other sensitive data from other devices that are behind the firewall such as a database server where sensitive data is kept or they may even try and plant a virus so this is a security concern but what if the company put to public access to web and email servers outside the company's internal network and put them on a opposite side of the firewall now the servers would still be in the same building but they would be on the other side of the firewall so now when people access these servers from the internet they are not going to be accessing them behind the company's internal firewall where the company's sensitive data is kept these servers are now out in front facing the internet and fully exposed so this is exactly what a dmz is so these servers are now in a DMZ which is also known as a perimeter Network and this perimeter network can also act like a screened network to detect any malicious activity before it can get behind the firewall and into the company's internal network so a DMZ divides a network into two parts by taking devices from inside the firewall and then putting them outside the firewall now this dmz setup only uses one firewall but a more secure dmz will use two firewalls an extra firewall will be added and then put in front of a DMZ this second firewall adds an extra layer of protection to make sure that only legitimate traffic can access the DMZ and it also makes it a lot harder for hackers to penetrate into the company's internal network because they would have to go through two different firewalls if they want to try and access the company's internal network now there's also a DMZ that you can configure in your home and this is done by using a typical home router now those of you who have configured a home router may have seen a section in the Advanced Settings of the routers configuration page that talks about setting up a DMZ so for example here are the DMZ setup pages from a Linksys and a Netgear home router now this type of setup is not really a true DMZ this is just setting up a DMZ host setting up a DMZ in your home router dezik a device as a DMZ host and will forward all the ports to that device so for example a common use of a DMZ in your home is to put a gaming console such as an Xbox or Playstation and configuring it as a DMZ host and this is done because a lot of these gaming consoles are often used for online gaming and gamers don't want any interference that could happen from a firewall so they don't want to have to mess with any kind of port forwarding configuration which can sometimes be a hassle so they can just go into the DMZ settings in the router and put in the gaming consoles IP address as the DMZ and it's also important to note that the device in the DMZ should be configured with a static IP rather than a dynamic IP so in this set up the home router serves as the firewall and these computers here are safe behind the routers firewall but the gaming console is on the opposite side of the routers firewall and placed in the DMZ and fully exposed to the Internet so in conclusion that's what DMZ means a demilitarized zone in the real world it's an area where the military is forbidden or in the computing world it's where firewall protection is forbidden
Labels:

Comments

Post a Comment

Popular posts from this blog

Printers Explained - Laser, Inkjet, Thermal, & Dot Matrix

hello everyone in this article we're going to talk about different types of printers now printers allow the ability to print copies of documents or photos onto paper from a computer now there are several different types of printers but the most common types that are used in homes and businesses are inkjet and laser printers and there are also a couple of less common printers such as thermal printers and dot matrix printers which we'll talk about later so let's first talk about inkjet printers now inkjet printers are the most common printers that are used in homes they are affordable and they produce photo quality results and they are enough to suit the needs of a typical home user now an inkjet printer works by the printhead moving back and forth across the paper during printing and during this process the printhead places ink on the paper in very tiny dots in fact these dots are so tiny that they are smaller in diameter than a human hair and as these dots are precisely pla...
Post a Comment
Read more

BIOS, CMOS, UEFI - What's the difference?

what is the BIOS CMOS and UEFI so that's what we're going to talk about in this video now BIOS stands for basic input/output system the BIOS is firmware that's built into the motherboard that initializes the computer's hardware as the computer is being booted and then after it initializes the hardware it then searches for a boot device such as an optical drive or a storage drive to boot software such as an operating system so from the start when you first turn on the computer the computer does what's called a power-on self-test or post which is run by the bios it tests the computer to make sure all the requirements are met and if the hardware is working correctly before starting the operating system if the computer passes the test the internal speaker will make a short single beep which indicates that the computer has passed the test and is booting up normally however if there are no beeps or multiple beeps then that means that the computer has failed the test and s...
Post a Comment
Read more

Port Forwarding Explained

what is port forwarding now maybe you've heard about it but you weren't exactly sure what it was or how it works so basically port forwarding allows computers over the Internet to connect to a specific computer or service within a private network it's basically making your computer accessible over the Internet even though you're behind a router so for example let's say a friend of yours at their home wants to remotely control your computer at your home using a service such as remote desktop connection now remote desktop connection is a service built into Microsoft Windows that enables you to connect to another computer running Microsoft Windows and then once you're connected to the remote computer you can use that computers programs and files just as if you were sitting in front of it so now your friend is ready to connect to your computer so we starts up the remote desktop connection and sends the request to your public IP address with a specific port number no...
Post a Comment
Read more