DMZ Explained | Demilitarised Zone

Показать описание

Join the Discord Server!
---------------------
MY FULL CCNA COURSE

FREE CCNA FLASHCARDS

HOW TO PASS THE CCNA

SOCIAL

Disclaimer: These are affiliate links. If you purchase using these links, I'll receive a small commission at no extra charge to you.
---------------------------------------------------------------------------------------------------------------

What is a DMZ?

Well, the name comes from the military.

In military terms, it's an area where military activity is forbidden, often along borders. A well-known example of a Demilitarised Zone is the border between North and South Korea.

A DMZ, in computer terms, is similar. It's an area of a network where security rules and policies are more relaxed.

But, why on earth would you want to relax security policies?

Well, imagine you have a web server. You install it in your network just like all of your other devices.

You want people to access your web server and visit your website right? So you allow public access to your web server through your router and firewall.

Now, this may seem fine, but it leaves you vulnerable to attacks. Web servers and websites are not bulletproof, and they require a lot of work to keep maintained, up-to-date and secure.

Let's say an attacker targets your website, and that attacker can get access to the web server itself. This is where the problems start.

Because our web server is installed alongside our other corporate servers and workstations, the attacker can now start to attack these machines from the web server. With a bit of luck, the attacker could gain access to the entire network. This is called lateral movement.

From here, it's really up to the attacker what they do next. It could be the exfiltration of your data or infecting your systems with ransomware, which will encrypt your data.

So, what is the solution?

Instead of installing the web server in the corporate network, we can install it into its own network called a DMZ.

A DMZ is created with two firewalls. The first firewall allows public access to our web server; the second firewall blocks public access.

If an attacker can access our web server, they may try to get lateral movement by attacking other machines in the network. Well, because we have separated this web server into its own network, there are no other machines to attack, and our second firewall blocks access to our corporate network.

So, while the web server has been compromised, the DMZ allows us to contain the attack to just that web server.

This dramatically reduces the cyber attack's impact and makes the hacker sad. Meanwhile, the rest of the corporate network is unharmed and operating as normal.

CertBros

Рекомендации по теме

Комментарии

This video is honestly one of the most simple, yet clearly explained real life execution of a DMZ. I work in It Security and i've watched hundreds of videos that try to explain this concept but fail because of their lack of application. Videos that simplify concepts to a basic level help people learn better. Great job! 👍

klwtherd

I'm a beginner and I simply love the way you explained with with animation and pictures. Thanks a bunch!!!

harisharavindkumar

mate u are amazing u helped me a lot keep going never seen any simple way more then that

nadimsaade

Hey please keep uploading CCNA related videos.. lot's of love 🤗❤

Shubham-Mishra

How does having 2 firewalls provide better security & redundancy?

The firewalls are protecting different elements.

If one firewall goes down the internal traffic won’t be getting out since it’s in the path of outgoing traffic….?

CyberTronics

Great simplified explanation AND application. Since watching I'm thinking the public facing network should be on a separate provider circuit.

lenyfreeman

I love you for creating this video and explaining so beautifully ❤

laitkoriancowboy

i was looking for DMZ call of duty but i stayed

leanophologolo

appreciated as always, one of the best at making learning enjoyable and easy to absorb

Don-Carillo

Subscribed, sir! This is great stuff.

kahlillabastilla

If you block any other traffic (source WAN, destination any, port any, action - deny) then how workstations can browse Internet?

LoremIpsum

Great video thanks for the animation to further drive the concept home.

Amwfilms

then how the web server talks to the backend?

anldursun

Can a server in a DMZ pose a security risk to the rest of the network? Like if i put my playstation ip on DMZ network will it put any danger on my other devices if it got hacked ?

Thank you in advance.

Omairi

Hi CertBros. I just checked your website. The CCNA course is already available to purchase?

chochanga

DMZ Explained | Demilitarised Zone

DMZ Explained | Demilitarised Zone

What is a DMZ? (Demilitarized Zone)

Demilitarised Zone Explained | What Is DMZ | Cybersecurity For Beginners | Simplilearn

What is DMZ || Important concept || Network #lightboard #Informationsecurity #Demilitarizedzone

What is a Networking DMZ (Demilitarized Zone)?

What is a DMZ (Demilitarized Zone)?

How the Korean DMZ Works

Network Security | What is a DMZ?

Inside the DMZ; one of the world's most dangerous place in the world

DMZ explained | demilitarized zone

Module 5: Demilitarized Zone (DMZ)

The Korean DMZ: The World’s Most Dangerous Border by Morris M.

DMZ Explained in 3 minutes

What is the DMZ? - OneMinuteKnowledge

DMZ and Network Security Tools

What is a DMZ? Demilitarised Zone or Perimeter Network Explained Benefits and Setup Guide

North Korean explaining the DMZ (DPRK)

Demilitarized zone DMZ in Network Security | Role of Firewall in routing traffic | DMZ vs Extranet

The demilitarized zone (DMZ) between North Korea 🇰🇵 and South Korea 🇰🇷 ?

DMZ, Funzionalità e scopo

What is a DMZ? | Cybersecurity Concepts | Netowrk Security Basics

Joint Security Area- Funny scene at the DMZ

What is DMZ And Its Purpose || What is DMZ (Demilitarized Zone)

Demilitarized Zone (DMZ) Introduction, Architecture of DMZ, Advantages of DMZ over Normal Firewall