74. What is a demilitarized zone (DMZ) and why are information security policies so important?

A demilitarized zone (DMZ) is a network designed to protect an organization’s internal network from the untrusted public network, primarily the Internet. It’s a neutral zone or “buffer” that adds another layer of security to an organization’s local area network (LAN). Because the computing systems most often vulnerable to cyber security attacks are those providing services outside of the LAN (web servers being a very common example), they’re logically isolated in a DMZ and “face” the untrusted public network. Along with web servers, mail servers and FTP servers are commonly positioned within a DMZ. Additionally, proxy servers (particularly “web proxies”, reverse proxies, etc.) are often found within the DMZ, as they serve as an intermediary: a client connects to the proxy server to make a request, and the proxy server itself evaluates that request.

As for the architecture of a DMZ, it’s best viewed as having firewalls and routers exposed to the untrusted external network, with these devices filtering traffic destined for the DMZ and the internal network. Simply stated, a properly configured DMZ blocks traffic from the untrusted external network from entering directly into internal hosts by vetting, filtering, and applying checks and rules to all traffic. It’s about controlling access and protecting systems from exposure to untrusted environments.
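
The filtering model described above, as an added example that is not part of the original page: a first-match, default-deny zone policy in Python, plus an audit that flags any rule letting external traffic reach internal hosts directly. The zone ranges, rule table and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample zones (documentation and private ranges); not from the page.
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}

# Hypothetical first-match rule table: (src_zone, dst_zone, dst_port, action).
# None as the port matches any port.
RULES = [
    ("external", "dmz", 443, "allow"),       # public HTTPS to the web server
    ("external", "dmz", 25, "allow"),        # inbound SMTP to the mail server
    ("dmz", "internal", 5432, "allow"),      # web tier to one internal database port
    ("internal", "dmz", None, "allow"),      # administration from the LAN
    ("internal", "external", 443, "allow"),  # outbound web
]

def zone_of(ip):
    """Map an address to its zone; anything outside a known zone is external."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def decide(src_ip, dst_ip, dst_port, rules=RULES):
    """First matching rule wins; no match means default deny."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for r_src, r_dst, r_port, action in rules:
        if (r_src, r_dst) == (src, dst) and r_port in (None, dst_port):
            return action
    return "deny"

def audit(rules=RULES):
    """Return (reason, rule) pairs for allow rules that bypass the DMZ."""
    findings = []
    for rule in rules:
        src, dst, port, action = rule
        if action != "allow":
            continue
        if src == "external" and dst == "internal":
            findings.append(("external reaches internal directly", rule))
        elif src == "dmz" and dst == "internal" and port is None:
            # Added hardening check, beyond what the page states.
            findings.append(("dmz to internal on any port", rule))
    return findings
```
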

Information Security Policies | A Critical Component for DMZ Documentation | Download Now

Just as important as one’s DMZ architecture is having well-documented information security policies and procedures in place, such as those for network security, web server security, user access, change management, along with dozens of other areas. Today’s growing regulatory compliance laws along with the need for establishing clearly defined best practices make information security policies and procedures a must-have for any organization serious about ensuring the confidentiality, integrity, and availability (CIA) of critical system resources.

FLANK, industry leaders in the field of information security, have developed an incredibly comprehensive FLANK21 set of documents containing literally hundreds of operational, business-specific, and information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and more.

Information Security Policy Documents | Hundreds More Available for Download

The FLANK21 set of documentation offered for instant download includes critical security documentation for all devices functioning within a DMZ, such as web servers, mail servers, and more. Additionally, the comprehensive set of information security policies also includes numerous technical provisioning and hardening documents, such as those for web servers, operating systems, databases, and more.