DMZ - what it is and how it works

In this article we will discuss the concept of DMZ in detail. Let's try to answer the questions about what a DMZ is, how it appeared, and how to set up the DMZ. Everyone will be able to gather at least general information on this topic.

The causes of the demilitarized zones

Now it's less and less common to see any companies without computers. And where there are computers, there is an internal local network that unites them.

The presence of a common internal local network is very practical and safe in itself. But with the advent of the worldwide Internet, everything has become a bit more complicated. Now the vast majority of companies use the services of the World Wide Web. This greatly facilitates the workflow, as everyone can find any information of interest in a matter of seconds.

But with the development of the Internet there was also a threat of penetration into the company's general network from outside. First of all, it concerned companies that have public Internet services, available to any user of the World Wide Web. The danger was that the attacker, having access to the web service, could also gain access to personal information stored on any of the computers connected to the internal local network. This caused a number of difficulties, which are solved by creating a DMZ.

Original Source

The first thing that is worth knowing about DMZ is that it is, first of all, a military term, originating from the designation "demilitarized zone". It means a certain part of the territory located between two opposing states. It prohibits any form of military activity - be it a special operation, diversion or espionage.

DMZ demilitarized zone: architecture and implementation

From the interpretation of the original term it becomes clear to us that the DMZ is a certain section of the terrain on which all kinds of harmful activity are prohibited. And this is extremely successful characterizes the whole essence of this, let's say, tricks.

We need to understand the very concept of DMZ, which is an extremely simple solution, which is the creation of a separate segment of a computer network that is isolated from all external Internet hosting and from the internal network of the company. Also this restriction of control or a complete prohibition of access to both the Internet and the internal network.

Create a separate segment of the network is easy enough. For this, firewalls or firewalls are used. The very word "firewall" to an ordinary user can be known from films about known hackers, but very few people know what he is.

A firewall is a software and hardware unit of a computer network that divides it into sectors and allows filtering incoming network traffic according to the rules specified by the operator (administrator). Also, in case of unauthorized access, the attacker only gets access to those files that are located within the separated sector, without prejudice to the rest.

There are at least two types of configurations of demilitarized zones - with one firewall or with a multitude. In the first configuration, the firewall splits the network into three sectors:

• Internal network;
• DMZ;
• Internet channel.

But still, this method provides an insufficient level of protection. In most large companies, the second method is still used - with a large number of firewalls. In this case, the attacker will have to overcome at least one additional system perimeter with his traffic filter, which significantly increases security.

Customize

Sure, many have already sufficiently inquired about DMZ, that this is a simple and effective way to ensure the security of your computer network. Users of multi-channel Internet routers can themselves assess this ingenious trick for hackers.

All that is required to configure the DMZ is to output one device as a local network, connecting it, respectively, via a separate cord to the free socket of the router, then assign it a static IP address, then activate it in the DMZ window and restart the device.

Before all manipulations, you should make sure that all devices have the latest protection. After that, you can freely use this though simple, but effective protection against encroachment on your personal data.

This article briefly described all the most important facts about the DMZ: what it is, how it works, and, most importantly, its purpose.