A DMZ (demilitarized zone) is a small network which lies between a company's private network and the
outside public network. It prevents outside users from getting direct access to
a server that has company data. A DMZ is more secure approach to a firewall and
effectively acts as a proxy server as well.
In a DMZ configuration for
a company, a separate computer receives requests from users within the private
network for access to Web sites or other companies portal companies accessible
on the public network. The DMZ host then initiates sessions for these requests
on the public network. However, the DMZ host is not able to initiate a session
back into the private network. It can only forward packets that have already
been requested.
Users of the public network outside the company can access only
the DMZ host. The DMZ may typically also have the company's Web pages so these
could be served to the outside world. However, the DMZ provides access to no
other company data
