During the course of the last few years, it has become increasingly evident that there is a pronounced need for protection of internal networks from the outside world. As machine technologies have improved and extensive shifts in the functions that a user can accomplish through more user-friendly interfaces have occurred, many more attacks have been mounted against enterprise and nonenterprise systems. Unlike the patterns in the past, when networks were primarily attacked and probed by “professional” attackers, the systems you protect are now routinely scanned by individuals and groups ranging from pre-teens “just trying it out” to organized groups of criminals seeking to abridge your systems or utilize information that is stored within your enterprise that can give them identities, disclose trade information, allow them access to funds, or disrupt critical services that your organization provides.
This book is designed to be a definitive work for your use in understanding the concepts of protection, the terminology and pieces of the demilitarized zone (DMZ) structure, and design of the DMZ for the enterprise. A DMZ is a method of providing segregation of networks and services that need to be provided to users, visitors, or partners through the use of firewalls and multiple layers of filtering and control to protect internal systems.
Along the way, the authors will provide you with the information you need to appropriately design, implement, monitor, and maintain an efficient and useful DMZ structure. The book contains not only the theory but the “how to” information that you will need in order to be successful in protecting your internal networks from attack. Information is available about different hardware and software implementations (including Cisco PIX, Nokia, Check Point, Microsoft ISA Server, and others) that you will find useful in planning and implementing your DMZ.