How do I set up a DMZ?

How do I begin to set up a demilitarized zone (DMZ)?

The answers to this question are many, depending on what you want to do. Here are a few basics.

First, there are two types of DMZs.

In a three-homed perimeter network, the firewall has three network connections. One for connection to the Internet, one for connection to your network and a third, the DMZ on which you place your Web server and other Internet-facing servers.
In a second type of DMZ, the back-to-back perimeter network, you use two firewalls, each with two network connections. One firewall, the Internet facing firewall, has a network connection to the Internet and another to the DMZ network. The second firewall has a connection to the DMZ network and then to your Internal network. In this type of DMZ, the DMZ network is sandwiched between your network and the Internet.

In both cases, you must then configure the firewall to restrict traffic coming to and from one network. For example, you could restrict traffic coming from the Internet to the Web server (only port 80, if that is all you need), then you could prevent port 80 traffic from traversing the second firewall and entering your Internal network. Three-homed perimeter network configuration and Back-to-back perimeter network configuration may be useful to you. Both articles provide pictures.

Dig Deeper on Windows legacy operating systems

DMZ (networking) In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks -- usually the internet.

A glossary of 10 essential network security terms This network security glossary covers both old and new key terms -- such as zero trust networks and microsegmentation -- that can bolster anyone's security vocabulary.

Prevent a network security attack by isolating the infrastructure It may sound like network security basics, but don't underestimate the power of proper segmentation and isolation as an effective way to protect your enterprise network from attack.

Do DMZ networks still provide security benefits for enterprises? DMZ networks were once widely used by enterprises, but are they still common today? Expert Judith Myerson explains why DMZs may be a good security option for some organizations.

How DMZ design improves VM security in the cloud With VM hosting in the cloud, your main concern is VM security. But with a solid DMZ design, you can keep VMs properly isolated.

Next-generation firewalls not ready to replace all legacy firewalls Application-aware firewalls enhance network security by offering deeper visibility, but enterprises will hang on to old-style firewalls.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Enterprise Desktop experts

View all Enterprise Desktop questions and answers

How do I set up a DMZ?

Dig Deeper on Windows legacy operating systems

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchVirtualDesktop

Benefits of virtualization highlighted in top 10 stories of 2019

VMware vs. Citrix: VDI security showdown

Understand VDI market shifts from traditional VDI to cloud

SearchWindowsServer

What admins need to know about Azure Stack HCI

How to manage Exchange hybrid mail flow rules

How to repair Windows Server using Windows SFC and DISM

Dig Deeper on Windows legacy operating systems

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.