DMZ - what is it and how does it work

Table of contents:

DMZ - what is it and how does it work
DMZ - what is it and how does it work

In our article, we will analyze the concept of DMZ in detail. We will try to answer questions about what a DMZ is, how it appeared, and how to set up a DMZ. Everyone will be able to draw for themselves at least general information on this topic.

dmz what is this
dmz what is this

Reasons for demilitarized zones

Now it is less and less common to find any company without computers. And where there are computers, there is also an internal local network that unites them together.

In itself, the presence of a common internal local network is very practical and safe. But with the advent of the worldwide Internet, things have become a little more complicated. Now the vast majority of companies use the services of the World Wide Web. This greatly simplifies the workflow, as everyone can find any information they are interested in in a matter of seconds.

But with the development of the Internet, there was also a threat of penetration into the general local network of the company from the outside. First of all, this concerned companies that have public Internet services available to any user of the World Wide Web. The danger was that an attacker, having gained access to a web service, could also gain access to a personalinformation stored on any of the computers connected to the internal local network. This caused a number of difficulties, which are solved by creating a DMZ.


The first thing to know about the DMZ is that it is primarily a military term, originating from the designation "demilitarized zone". It means a certain piece of territory located between two opposing states. It prohibits any form of military activity - be it a special operation, sabotage or espionage.

DMZ Architecture and Implementation

From the interpretation of the original term, it becomes clear to us that the DMZ is a certain area of \u200b\u200bthe area where any type of malicious activity is prohibited. And this very well characterizes the whole essence of this, let's say, trick.

We should be clear about the DMZ concept itself, that this is an extremely simple solution, which is the creation of a separate segment of a computer network, isolated from all external Internet hosts and from the company's internal network. It is also a restriction of control or a complete ban on access to both the Internet and the internal network.

dmz setting
dmz setting

Creating a separate network segment is easy enough. For this, firewalls or firewalls are used. The word "firewall" itself may be known to an ordinary user from films about famous hackers, but few people know what it is.

A firewall is a software and hardware unit of a computer network that divides it into sectors andallowing to filter incoming network traffic according to the rules set by the operator (administrator). Also, in case of unauthorized entry, the attacker gets access only to those files that are within the separated sector, without harming the rest.

demilitarized zone dmz
demilitarized zone dmz

There are at least two types of DMZ configurations - with one firewall or with many. In the first configuration, the firewall divides the network into three sectors:

  • internal network;
  • DMZ;
  • Internet channel.

But still, this method provides an insufficient level of protection. Most large firms still use the second method - with a large number of firewalls. In this case, the attacker will have to overcome at least one additional system perimeter with his own traffic filter, which significantly increases security.


I'm sure many of you already know enough about the DMZ that it's a simple and effective way to keep your computer network secure. Users of multi-channel Internet routers can appreciate this ingenious ploy for hackers.

All that is required to set up DMZ is to connect one device as a local network by connecting it, respectively, through a separate cable to a free socket on the router, then assign it a static IP address, then activate it in the DMZ window and restart device.

Before all the manipulations, you should make sure that on all devicesthe latest protection versions are installed. After that, you can freely use this simple yet effective protection against encroachment on your personal data.

This article has summarized all the most important facts about the DMZ: what it is, how it works, and, most importantly, its purpose.

Popular topic

Editor's choice