Network Firewalls: Defending Data with the DMZ
For computer networks, the demilitarized zone (DMZ) is an area where you have placed servers that the public at large — or at least people outside your network — need access to. In the non-computer world, a DMZ is an area two opposing military forces have declared as a buffer zone between each other. Both sides agree that they will stay out of that area.
The DMZ servers are placed outside your network and may have the ability to talk to your internal server. Although the servers are placed outside your network, they are not totally unprotected; they are still behind a firewall in a configuration similar to one of the options shown in the illustration.
The DMZ segment may be installed next to your current firewall or may be an actual zone between your network and the public network. Either is a valid DMZ option, each offering a benefit tradeoff between ease of configuration and security.
In the same manner as creating a DMZ, some companies have isolated their servers on a separate network segment, with a firewall defending that segment.
In this scenario, they have a DMZ protecting their public facing servers, their users behind the DMZ with protection from another firewall, and then their servers protected from their users behind yet another firewall.
This scenario means that if an attack or a virus gains access to the user network, it will not get immediate access to the servers as well. Although this setup may seem a bit paranoid, it is very secure.
Cloud Computing Glossary
cloud computing
A networking solution in which everything — from computing power to computing infrastructure, applications, business processes to personal collaboration — is delivered as a service wherever and whenever you need.
Cloud Computing Glossary
cloud service
The delivery of software, infrastructure, or storage that has been packaged so it can be automated and delivered to customers in a consistent and repeatable manner.
Cloud Computing Glossary
deprovision
The release of cloud services that are no longer needed.
Cloud Computing Glossary
federating
Linking distributed resources together over the cloud.
Cloud Computing Glossary
hypervisor
An operating system that acts as a traffic cop, managing the various virtualization tasks in the cloud to ensure that they make things happen in an orderly manner.
Cloud Computing Glossary
multi-tenancy
The sharing of underlying resources by multiple companies over a cloud.
Cloud Computing Glossary
network attached store
Storage that has its own network address through which it is accessed by the network's workstation users. Acronym: NAS
Cloud Computing Glossary
service level agreement
A contract that stipulates the type of service you need from providers and what type of penalties would result from an unexpected business interruption. Acronym: SLA
Cloud Computing Glossary
solution stack
An integrated set of software that provides everything a developer needs to build an application.
Cloud Computing Glossary
storage area network
A storage systems that is flexible and scalable because it's available to multiple hosts at the same time. Acronym: SAN
Cloud Computing Glossary
vertical industry groups
Workgroups comprised of members from a particular industry such as technology and retail.
Cloud Computing Glossary
virtual memory
The portion of your hard drive that Windows uses to expand the available RAM
Cloud Computing Glossary
virtualization
Using computer resources to imitate other computer resources or whole computers to maximize performance and flexibility.
