ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

Why its required to configure DMZ on a network?

user-image
تم إضافة السؤال من قبل Dheeraj Chopra , Assistant Manager , Grant Thornton
تاريخ النشر: 2016/06/18
Mohan Subramaniam Rajan Iyer
من قبل Mohan Subramaniam Rajan Iyer , Technical Consultant

DMZ  is required to be configured as a separate zone, In case any attack on the end user takes place the DMZ configuration which helps in secluding the main network from the external users network to smoothly on the internet usage for the end users without any compromise on the main network to function smoothly and effectively.

Umar Sa'ad
من قبل Umar Sa'ad , Assistant Network & Security Manager , Dangote Petroleum & Petrochemicals FZE

The main idea behind a DMZ is to allow you share internal services and resources with the outside world in a secure manner without exposing internal networks

hafiz waqas arshad
من قبل hafiz waqas arshad , Network Administrator , gujranwalla

dmz is a host services  for client like web service or file server and other use many purpose use

like client server access

Jerwin Taduran
من قبل Jerwin Taduran , DATACOM ENGINEER , HUAWEI TECHNOLOGIES PHILIPPINES

DMZ or Demilitarize Zone is the who face outside network from your network. 

it is responsible for filtering/checking all traffic outside your network(Internet).

NOUFAL kUTTIPORICHATHIL
من قبل NOUFAL kUTTIPORICHATHIL , Sr.IT Support Engineer , OryxGTL

DMZ configuration for secure network

Hemza ATOUB
من قبل Hemza ATOUB , Sr. CYBER SECUIRITY Consultant IT/OT Certified IBM QRadar| Arcsight SIEM | ISO 27k1 | ICS | 20 CSC , CONFIDENTIAL

The DMZ on any network is needed to publish internal company ressources and make it accessible from outside the netwok or company and make restrictions on those ressources using differente devices and control policies

i.e : make internal company ressources accessible from outside ---->  To be published on DMZ

Syed Abdul Muqtader Razvi
من قبل Syed Abdul Muqtader Razvi , IT Infrastructure and Cyber Security Specialist , AL Rowad Educational Group

Best practice is to place servers in Demiliarized zone or DMZ. DMZ in simple term will ensure the security of local hosts in private network from external attacks, if there is any attack on servers from internet. 

Ansari Mohammed Badarudeen
من قبل Ansari Mohammed Badarudeen , IT Solutions Architect , ICIT

Reasons why you want a DMZ and the benefits it offers. The general idea is that you put your public faced servers in the "DMZ network" so that you can separate them from your private, trusted network. The use case is that because your server has a public face, it can be remotely rooted. If that happens, and a malicious party gains access to your server, he should be isolated in the DMZ network and not have direct access to the private hosts (or to a database server for example that would be inside the private network and not on the DMZ).

How to do it: There are several ways, but the 'book example' is by utilizing two firewalls (of course you can achieve the same result with one firewall and smart configuration, although hardware isolation is nicer). Your main firewall is between internet and the server and the second firewall between the server and the private network. On this second firewall, all access from the server to the private network ideally would be forbiden (of course it would be a statefull firewall so if you initiate a connection from the private network to the server it would work)

مستخدم محذوف‎
من قبل مستخدم محذوف‎

In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. The term is normally referred to as a DMZ by IT professionals. It is sometimes referred to as a Perimeter Network. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN). When employing the DMZ concept they are configured to reside within their own subnetwork. This allows the remainder of the network to be protected if a rogue actor or hacker is able to succeed in attacking any of the servers.

Rajesh Gangwani
من قبل Rajesh Gangwani , Senior Consultant Risk & Compliance , Infopercept Consulting Pvt Ltd

DMZ(De-Militarized Zone) or in simple language the place where critical servers & other IT infrastructure is kept safe. DMZ's have been a standard component of network design ever since firewalls were invented. A DMZ is a network segment that contains all resources, such as Web servers and mail servers, accessible from the Internet. Implementing a DMZ allows you to limit network traffic from the Internet to these resources in the DMZ, while preventing any network traffic from the Internet to your internal network. As a general rule, a DMZ server should never contain any valuable data, so even if someone managed to break into a server in the DMZ, the damage would be minor.

The DMZ concept relies on firewall rules that allow network traffic to move between different security zones based on IP addresses and ports. Some firewalls add inspection of application-layer filtering to the mix, inspecting application protocols like HTTP.

Muhammad Salem
من قبل Muhammad Salem , Sr. Technology Project Manager , HealthOne Alliance

To keep certain traffic from entering the local network and keep potential hackers from penetrating or seeing other devices that they should not be seeing

المزيد من الأسئلة المماثلة