Enterprise services that must be exposed to untrusted networks, such as Web servers and SMTP servers, should be placed in the DMZ. This arrangement ensures that, in the event of a compromise, internal users and systems have a firewall that protects them from an affected server. Placing enterprise users (who belong on the intranet) in the DMZ eliminates this layer of protection and puts them at risk to systems on the untrusted network.
Dig Deeper on Enterprise network security
Related Q&A from Mike Chapple
Examine the important differences between stateful and stateless firewalls, and learn when each type of firewall should be used in an enterprise ... Continue Reading
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading