Register now or log in to join your professional community.
DMZ is "De Militarized Zone", we create this zone not only for Cisco PIX/ASA, but any firewall installed on our LAN. The devices mainly in DMZ will be servers, which will be separated from the LAN zone (inside) and WAN zone (outside)
One of the main reasons for the servers to be kept separate is, if any of the servers is compromised, the risk can be mitigated to DMZ zone itself, for example, if servers and LAN devices are kept together and if any device is compromised, then the risk is, the malware can spread to other devices easily.
Hope I answered your question.
