I want to create a new DMZ from scratch and I don't know how. What are the basic steps for a DMZ setup?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Fortunately, a demilitarized zone (DMZ) deployment on a network is quite simple. A DMZ is a protected middle ground network where you can deploy servers that offer services to the public. Building one is a simple matter of using a firewall with three network interface cards, configured as shown in the diagram below:
Then, using the firewall, create rules that allow the minimum necessary traffic between zones, subject to the following conditions:
- Systems from the Internet may not connect directly to the intranet.
- Systems from the intranet may not connect directly to the Internet.
The second rule is sometimes omitted for simplicity of implementation. When you do choose to implement your network in this fashion, place a proxy server in the DMZ that users may access when they wish to request information from an Internet-based Web server (for example).
The use of a DMZ implementation to isolate publicly accessible systems is one of the longest-standing principles of information security. I encourage you to pursue this avenue as quickly as possible if you have not already done so. For more information on this topic, read Placing systems in a firewall topology.
- If one server in a DMZ network gets attacked from outside, will other servers be corrupted? Read more.
- Learn whether it's a good idea to place a domain controller within a DMZ.
Dig Deeper on DMZ Setup and Configuration
Related Q&A from Mike Chapple
New guidance from the PCI SSC includes some essential aspects of tokenization security and what merchants need to know about tokenization products.continue reading
HIPAA data breach reporting now uses an electronic Web portal, so what does this mean for covered entities? Expert Mike Chapple explains.continue reading
Complex compliance mandates can lead to compliance fatigue. Expert Mike Chapple explains how to develop an effective compliance management plan.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.