DMZ: DeMilitarized Zone in Networks

Information, Computer and Network Security Terms Glossary and Dictionary

DMZ: DeMilitarized Zone in Networks

In the computer network world, a DeMilitarized Zone (DMZ) is a part of a network separated from other systems by a Firewall which allows only certain types of network traffic to enter or leave. A DMZ or perimeter network is a network area (a subnetwork) that sits between an organisation's internal network and an external network, usually the Internet. For example, Public web servers might be placed in such a DMZ. With the DMZ approach, large companies with complex e-commerce Internet and extranet applications may have a two-tiered approach to firewall security. The point of a DMZ is that connections from the internal and the external network to the DMZ are permitted, whereas connections from the DMZ are only permitted to the external network---hosts in the DMZ may not connect to the internal network. This allows the DMZ's hosts to provide services to the external network while protecting the internal network in case intruders compromise a host in the DMZ.

Related Terms

Firewall, Authentication