Manage Learn to apply best practices and optimize your operations.

How to configure and implement a DMZ

Learn how to design and configure a DMZ in this network security Ask the Expert Q&A.

What are the constraints of setting up a DMZ and what are the basic appliances needed?

DMZs (demilitarized zones) are the network equivalent of neutral ground. They provide an isolated network segment for public-facing services, such as Web and mail servers. The private side of your network is protected from these servers, as their public accessibility makes them more vulnerable to compromise.

The standard approach for creating a DMZ involves the use of a firewall with three network interfaces. For more information and an illustration, read Choosing the Right Firewall Topology.

More on this topic

Visit our resource center for news, tips and expert advice on how to configure a DMZ to prevent unwanted external access to your network.

This was last published in July 2006

Dig Deeper on Enterprise network security