De-Militarized Zone Shortly known asDMZ is a set of computer or small subnet that sits between a trusted network like a corporate private LAN and an untrusted external Public network. The purpose of DMZ is to add additional security features to trusted network from external access and from hackers. DMZ acts as virtual firewall to expose servers to public network such as Mail Server, Web Servers, FTP Servers, and DNS Servers.
In private network there are possible to hack information when users try to access servers such as email, web, DNS. Since the increased security to protect internal network from hackers, separate subnet is created to protect rest of the network. This network has limited access from internal network and external network. DMZ acts as virtual firewall from WAN to DMZ and LAN to DMZ zone.
Traditional DMZ configuration, most LAN network run behind a firewall connected to a WAN network. Some specific servers or computers outside the firewall, in the DMZ. Those systems are protected from intrudes and adds extra security features when exposed to public access.
DMZ can be used to protect services like SMTP, DNS, FTP, VOIP Services, Database Servers and any type of hosting services.