[[network:dmz]]
Differences
This shows you the differences between two versions of the page.
|
network:dmz [2010/11/04 09:39] tibor |
network:dmz [2010/11/15 13:59] (current) mats |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| A DMZ (demilitarised zone) is a "neutral zone" between a private network (LAN) and the outside public network (Internet). You are recommended to put your externally accessible servers (e.g. web servers) on a DMZ, to isolate them from your LAN in case they get attacked. | A DMZ (demilitarised zone) is a "neutral zone" between a private network (LAN) and the outside public network (Internet). You are recommended to put your externally accessible servers (e.g. web servers) on a DMZ, to isolate them from your LAN in case they get attacked. | ||
| + | |||
| + | {{:network:dmz1.jpg}} | ||
| Machines on the DMZ are protected from the Internet by the firewall, using the same firewall rules as other interfaces. There is no protection / restriction of outgoing traffic, though. PC-s on the DMZ have local IP addresses, but on a different subnet than LAN. | Machines on the DMZ are protected from the Internet by the firewall, using the same firewall rules as other interfaces. There is no protection / restriction of outgoing traffic, though. PC-s on the DMZ have local IP addresses, but on a different subnet than LAN. | ||
| Line 9: | Line 11: | ||
| You select DMZ for a subnet on the [[:web GUI:Network page]]. | You select DMZ for a subnet on the [[:web GUI:Network page]]. | ||
| + | Read more: [[wp>Demilitarized_zone_(computing)|DMZ]] | ||
