Bayt.com

Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

Why its required to configure DMZ on a network?

Computer Science Network Security Network Systems Network Applications Internet
user-image
Question ajoutée par Dheeraj Chopra , Assistant Manager , Grant Thornton
Date de publication: 2016/06/18
Apprécier (1) Vues (30) Suiveurs (16) Réponses (14) Report Question
Ajoutez Une Réponse
Inscrivez-vous ou connectez-vous pour répondre.
Mohan Subramaniam Rajan Iyer
par Mohan Subramaniam Rajan Iyer , Technical Consultant

DMZ  is required to be configured as a separate zone, In case any attack on the end user takes place the DMZ configuration which helps in secluding the main network from the external users network to smoothly on the internet usage for the end users without any compromise on the main network to function smoothly and effectively.

Umar Sa'ad
par Umar Sa'ad , Assistant Network & Security Manager , Dangote Petroleum & Petrochemicals FZE

The main idea behind a DMZ is to allow you share internal services and resources with the outside world in a secure manner without exposing internal networks

hafiz waqas arshad
par hafiz waqas arshad , Network Administrator , gujranwalla

dmz is a host services  for client like web service or file server and other use many purpose use

like client server access

Jerwin Taduran
par Jerwin Taduran , DATACENTER ENGINEER , STAR SERVICES L.L.C

DMZ or Demilitarize Zone is the who face outside network from your network. 

it is responsible for filtering/checking all traffic outside your network(Internet).

NOUFAL kUTTIPORICHATHIL
par NOUFAL kUTTIPORICHATHIL , Sr.IT Support Engineer , OryxGTL

DMZ configuration for secure network

Hemza ATOUB
par Hemza ATOUB , Sr. CYBER SECUIRITY Consultant IT/OT Certified IBM QRadar| Arcsight SIEM | ISO 27k1 | ICS | 20 CSC , CONFIDENTIAL

The DMZ on any network is needed to publish internal company ressources and make it accessible from outside the netwok or company and make restrictions on those ressources using differente devices and control policies

i.e : make internal company ressources accessible from outside ---->  To be published on DMZ

Syed Abdul Muqtader Razvi
par Syed Abdul Muqtader Razvi , IT Infrastructure and Cyber Security Specialist , AL Rowad Educational Group

Best practice is to place servers in Demiliarized zone or DMZ. DMZ in simple term will ensure the security of local hosts in private network from external attacks, if there is any attack on servers from internet. 

Ansari Mohammed Badarudeen
par Ansari Mohammed Badarudeen , IT Solutions Architect , PAR Technology

Reasons why you want a DMZ and the benefits it offers. The general idea is that you put your public faced servers in the "DMZ network" so that you can separate them from your private, trusted network. The use case is that because your server has a public face, it can be remotely rooted. If that happens, and a malicious party gains access to your server, he should be isolated in the DMZ network and not have direct access to the private hosts (or to a database server for example that would be inside the private network and not on the DMZ).

How to do it: There are several ways, but the 'book example' is by utilizing two firewalls (of course you can achieve the same result with one firewall and smart configuration, although hardware isolation is nicer). Your main firewall is between internet and the server and the second firewall between the server and the private network. On this second firewall, all access from the server to the private network ideally would be forbiden (of course it would be a statefull firewall so if you initiate a connection from the private network to the server it would work)

Utilisateur supprimé

In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. The term is normally referred to as a DMZ by IT professionals. It is sometimes referred to as a Perimeter Network. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN). When employing the DMZ concept they are configured to reside within their own subnetwork. This allows the remainder of the network to be protected if a rogue actor or hacker is able to succeed in attacking any of the servers.

Rajesh Gangwani
par Rajesh Gangwani , Senior Consultant Risk & Compliance , Infopercept Consulting Pvt Ltd

DMZ(De-Militarized Zone) or in simple language the place where critical servers & other IT infrastructure is kept safe. DMZ's have been a standard component of network design ever since firewalls were invented. A DMZ is a network segment that contains all resources, such as Web servers and mail servers, accessible from the Internet. Implementing a DMZ allows you to limit network traffic from the Internet to these resources in the DMZ, while preventing any network traffic from the Internet to your internal network. As a general rule, a DMZ server should never contain any valuable data, so even if someone managed to break into a server in the DMZ, the damage would be minor.

The DMZ concept relies on firewall rules that allow network traffic to move between different security zones based on IP addresses and ports. Some firewalls add inspection of application-layer filtering to the mix, inspecting application protocols like HTTP.

Muhammad Salem
par Muhammad Salem , Sr. Technology Project Manager , HealthOne Alliance

To keep certain traffic from entering the local network and keep potential hackers from penetrating or seeing other devices that they should not be seeing

Plus de Réponses
Ecrivez Votre Réponse
More Questions Like This

Avez-vous besoin d'aide pour créer un CV ayant les mots-clés recherchés par les employeurs?

Obtenir de l'aide