|
Reece
A DMZ is a "De-Militarized Zone". Its a term that techs have borrowed from the military. The basics are its a spot on your network that is kept seperate from the rest in regards to security - like a web server - so that the world can access its data without actually touching the important stuff INSIDE your network.
If I have a web server that needs to look up some SQL data for example - I don't want all the data available to be stolen. So I don't want to put the database server on the same machine as the web server. I can put the web server outside on a DMZ so that it is more visible (has less security) and can only access my network in a way I specify. This allows me to minimize the risk to my data. If a hacker actually did compromise the web server, he/she still has the limited access since the web server only can touch certain things internally.
Long story short, its an option for how to set things up security wise.
__________________
Good Hunting!
Captain Haplo
|