A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Demilitarized Zone (DMZ)

The protective hardware and software between an internal network (LAN) and the external network (Internet)

The term DMZ stands for demilitarized zone and is derived from the military term for an area between two nations that acts as a buffer between them. In computer security, this buffer sits between an internal network and the external network. The internal network is protected by a firewall, while another computer outside the firewall acts as the interface to the external network. Thus, the firewall itself is shielded behind another layer of security. The buffer created between the firewall and this external computer is the DMZ. Usually the internal network is a corporate, home, or office network, while the external network is the Internet.

The computer on the outside of the firewall can be either a single computer or a cluster of computers, as determined by the network designers.

In computer security, a DMZ is also known as a demarcation zone or a perimeter network. It is a physical or logical sub-network created to separate the internal network from untrusted external networks.

A typical DMZ contains devices such as Web servers, FTP servers, e-mail (SMTP) servers and even DNS servers. Placing these externally reachable services in the DMZ, rather than on the internal network, provides an additional layer of security: a compromised DMZ host still faces the inner firewall before it can reach internal systems.
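The two-firewall ("sandwich") DMZ described above, as an added example that is not part of the original page: a small packet-filter model with an outer and an inner rule set, where every network range, host address and rule is constructed for illustration. It models connection initiation only (no stateful return traffic) and shows that the Internet reaches only the published DMZ services and that a DMZ host cannot open arbitrary connections into the LAN.

```python
from ipaddress import ip_address, ip_network

# Constructed example ranges (documentation / private space), not a real deployment.
INTERNET = ip_network("0.0.0.0/0")
DMZ = ip_network("192.0.2.0/24")
LAN = ip_network("10.0.0.0/8")

# Rule: (source network, destination network, destination port or None, verdict).
# Each firewall uses first match and a default deny.
# Outer firewall: the Internet may reach only the published DMZ services;
# anything inside may initiate outbound connections.
OUTER_RULES = [
    (INTERNET, DMZ, 80, "allow"),   # Web server
    (INTERNET, DMZ, 25, "allow"),   # SMTP relay
    (INTERNET, DMZ, 53, "allow"),   # public DNS
    (DMZ, INTERNET, None, "allow"),
    (LAN, INTERNET, None, "allow"),
]
# Inner firewall: the LAN may go out; the DMZ may enter the LAN only on one
# narrow path (the constructed mail relay to an internal mail server).
INNER_RULES = [
    (LAN, DMZ, None, "allow"),
    (LAN, INTERNET, None, "allow"),
    (ip_network("192.0.2.25/32"), ip_network("10.0.0.25/32"), 25, "allow"),
]


def evaluate(rules, src, dst, port):
    """First-match evaluation of one firewall's rule list; default deny."""
    for s, d, p, verdict in rules:
        if src in s and dst in d and (p is None or p == port):
            return verdict
    return "deny"


def firewalls_on_path(src, dst):
    """Which firewalls a new connection must cross, given the layout above."""
    path = []
    external = lambda a: not (a in DMZ or a in LAN)
    if external(src) or external(dst):   # crosses the outer firewall
        path.append(OUTER_RULES)
    if src in LAN or dst in LAN:         # crosses the inner firewall
        path.append(INNER_RULES)
    return path


def permitted(src, dst, port):
    """True only if every firewall on the path allows the connection."""
    src, dst = ip_address(src), ip_address(dst)
    return all(evaluate(r, src, dst, port) == "allow" for r in firewalls_on_path(src, dst))
```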

[Figure: Sandwich DMZ. Source: danielrm26]

Image source: What is a DMZ and how do I build one? (WindowSecurity.com)
