U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

demilitarized zone (DMZ)

Abbreviation(s) and Synonym(s):

DMZ

Definition(s):

  Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network’s Information Assurance policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding the internal networks from outside attacks.
Source(s):
NIST SP 800-82 Rev. 2 under Demilitarized Zone (DMZ) from CNSSI 4009

  An interface on a routing firewall that is similar to the interfaces found on the firewall’s protected side. Traffic moving between the DMZ and other interfaces on the protected side of the firewall still goes through the firewall and can have firewall protection policies applied.
Source(s):
NIST SP 1800-21C under Demilitarized Zone (DMZ)
NIST SP 800-41 Rev. 1 under Demilitarized Zone (DMZ)
NIST SP 800-82 Rev. 2 under Demilitarized Zone (DMZ)

  3. An interface on a routing firewall that is similar to the interfaces found on the firewall’s protected side. Traffic moving between the DMZ and other interfaces on the protected side of the firewall still goes through the firewall and can have firewall protection policies applied.
Source(s):
CNSSI 4009-2015 from NIST SP 800-41 Rev. 1

  A host or network segment inserted as a “neutral zone” between an organization’s private network and the Internet.
Source(s):
NIST SP 800-44 Version 2 under Demilitarized Zone (DMZ)
NIST SP 800-45 Version 2 under Demilitarized Zone (DMZ)
NIST SP 800-82 Rev. 2 under Demilitarized Zone (DMZ)

  2. A host or network segment inserted as a “neutral zone” between an organization’s private network and the Internet.
Source(s):
CNSSI 4009-2015 from NIST SP 800-45 Version 2

  1. Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network’s Information Assurance (IA) policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding the internal networks from outside attacks.
Source(s):
CNSSI 4009-2015

  A network created by connecting two firewalls. Systems that are externally accessible but need some protections are usually located on DMZ networks.
Source(s):
NIST SP 1800-21B under Demilitarized Zone (DMZ) from NISTIR 7711
NISTIR 7711 under Demilitarized Zone

  Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network's information assurance policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding thei internal networks from external attacks.
Source(s):
NIST SP 1800-12b under demilitarized zone

  A perimeter network or screened subnet separating an internal network that is more trusted from an external network that is less trusted.
Source(s):
NIST SP 1800-16B under Demilitarized Zone
NIST SP 1800-16C under Demilitarized Zone
NIST SP 1800-16D under Demilitarized Zone