De-Militarized Zone

---

In information security, DMZ has multiple meanings. Classically it refers to the part of the perimeter between your service provider's point of demarcation and where you assume control. It can also mean any protected network, usually one at least partially accessible via the Internet. SANS∞ has a number of papers shown below to help you learn about DMZ design and testing and also offers information security training in firewalls, DMZs and VPNs.

RR paper∞ by Scott Young on DMZ design.

RR paper∞ by Chris Mahn on three tiered or complex DMZs, if this sounds like overkill to you, it is worth noting the Visa Security Commandments for credit card merchants specify a separate DMZ for credit card activity.

RR paper∞ by Jeff Pipping on extranets, a special type of DMZ.

Still haven't found what you are looking for? GIAC∞ has hundreds of advanced papers on DMZs, firewalls and perimeter security and every paper has a section on auditing firewalls and also puts a firewall design under attack.
http://www.giac.org/GCFW.php∞

---