DMZ Demilitarized zone

The demilitarized zone (DMZ) is where you find filtered traffic from both the inner and the outer network. This zone does not allow any connections directly into the internal network.


DMZ is an architecture involving three parts: 1. Internet, 2. DMZ area and 3. Internal network. You know 1 and 3; in 2, the DMZ area, you put your web server/data server. Anything inside the DMZ area cannot interact directly with 3, because inside 3 you have important organisational data, real-time generation data, etc. So 2 can access this data through the firewall (port 80), or you push data from 3 using FTP, by replicating your database, etc.




So in the DMZ area you have two things:

1. Web server/proxy server, which serves webpages

2. Database server / real-time generation data server, which keeps data



Similarly, in your internal network you again have to maintain two things:

1. Web server/proxy server, which serves webpages

2. Database server / real-time generation data server, which keeps data



Since 2 has limited access to 3, you make a replica of the webpages/database using FTP/VPN, so your internal data is safe. And you and your bosses know in advance how much data can be compromised through the DMZ area.



For the NICs, here is the diagram:



Internet Cloud<----->NIC(10.2.X.X) DMZ Server(Web+Data) NIC(191.268.X.1)<---->NIC(191.268.x.2)Internal Server(web+data) NIC(192.168.x.1)<--->Your network
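
The zone rules described above can be checked mechanically against a firewall rule table. The following is an added example, not part of the original page: it flags any accept rule that lets traffic into the internal network other than DMZ traffic on port 80. The zone ranges, rule names and host addresses are constructed for illustration.

```python
import ipaddress

# Constructed zone ranges (assumption; not the addresses in the page's diagram).
ZONES = {
    "dmz": ipaddress.ip_network("10.2.0.0/16"),
    "internal": ipaddress.ip_network("192.168.0.0/16"),
}
DMZ_TO_INTERNAL_PORT = 80  # the only DMZ -> internal port the page permits

def zones_of(cidr):
    """Zones a CIDR touches; address space outside both zones is 'internet'."""
    net = ipaddress.ip_network(cidr)
    hit = {name for name, zone in ZONES.items() if net.overlaps(zone)}
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        hit.add("internet")
    return hit

def audit(rules):
    """Flag accept rules that let anything but DMZ:80 into the internal zone.
    Each rule is judged on its own; first-match ordering is not modelled."""
    findings = []
    for rule in rules:
        if rule["action"] != "accept" or "internal" not in zones_of(rule["dst"]):
            continue
        for src in sorted(zones_of(rule["src"]) - {"internal"}):
            if src == "internet":
                findings.append((rule["name"], "internet reaches internal directly"))
            elif rule["dport"] != DMZ_TO_INTERNAL_PORT:
                findings.append((rule["name"], f"dmz reaches internal on port {rule['dport']}"))
    return findings

# Constructed sample rule table (hypothetical names and hosts).
RULES = [
    {"name": "web-in", "src": "0.0.0.0/0", "dst": "10.2.0.10/32", "dport": 80, "action": "accept"},
    {"name": "dmz-to-data", "src": "10.2.0.10/32", "dst": "192.168.1.20/32", "dport": 80, "action": "accept"},
    {"name": "ftp-push", "src": "192.168.1.20/32", "dst": "10.2.0.10/32", "dport": 21, "action": "accept"},
    {"name": "dmz-sql", "src": "10.2.0.0/16", "dst": "192.168.1.20/32", "dport": 3306, "action": "accept"},
    {"name": "any-web", "src": "0.0.0.0/0", "dst": "192.168.0.0/16", "dport": 80, "action": "accept"},
    {"name": "default", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "dport": "any", "action": "drop"},
]

if __name__ == "__main__":
    for name, reason in audit(RULES):
        print(f"VIOLATION {name}: {reason}")
```

The FTP push from the internal server to the DMZ passes because it originates inside; a broad source such as 0.0.0.0/0 is treated as covering every zone it overlaps.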


