Back to Security Pattern Catalog
: Perimeter Security, Tampering
Internet technology systems are regularly subject to attacks against their functionality, resources and information. Using a firewall to protect the system from malicious traffic, does not work if the firewall is not configured correctly.
How can we protect the systems from direct attacks?
Provide a region of the system that is separate from both internal and external users and the internal data and functionality – commonly known as the demilitarized zone (DMZ). Restrict access to the region from outside by limiting network traffic flow to certain physical servers. Use the same technique to restrict access from servers in the DMZ to the internal systems.
DMZs provided by Sun, Cisco, Microsoft etc.
Packet Filter Firewall
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz