5

I would like to know the difference between a DMZ and a VLAN (either a private or community VLAN).

It would be wonderful if you could help me out!

Thanks in advance!

2 Answers

5

A DMZ is a network between an internal LAN and an external network (mostly the internet) for some data exchange between these networks. It is a security zone to protect your internal LAN against a possible attack from the external network. After a successful hack, a possible attacker controls just the zone between the networks, not your internal network. DMZ means "DeMilitarized Zone".

A VLAN can be a DMZ. This is just a virtual separation of different networks inside one hardware-network-environment. So for example you can have different networks within one switch.

Whether a DMZ is realized with a VLAN or by separation with different hardware doesn't matter for the concept.

Jens G
  • 51
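As an added illustration of the point that a VLAN only separates networks while the DMZ is defined by what may pass between them, here is a constructed nftables forward policy for a Linux router. It is not part of either answer; the interface names, VLAN IDs and addresses are assumptions.

```nftables
# Constructed example. Assumed interfaces on a Linux router:
#   wan0       uplink to the internet
#   trunk0.10  802.1Q sub-interface, VLAN 10 = internal LAN (10.0.10.0/24)
#   trunk0.20  802.1Q sub-interface, VLAN 20 = DMZ          (10.0.20.0/24)
# Both VLANs share one physical switch trunk; the tags only separate them.
# The forward rules below are what make VLAN 20 a DMZ.
# (Any DNAT needed to publish the DMZ host is out of scope here.)

define WAN = "wan0"
define LAN = "trunk0.10"
define DMZ = "trunk0.20"
define DMZ_WEB = 10.0.20.10

table inet zones {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies to connections that were allowed when they started.
        ct state established,related accept
        ct state invalid drop

        # Internet -> DMZ: only the published web service.
        iifname $WAN oifname $DMZ ip daddr $DMZ_WEB tcp dport { 80, 443 } accept

        # LAN -> internet and LAN -> DMZ: initiated from the inside.
        iifname $LAN oifname { $WAN, $DMZ } accept

        # DMZ -> internet: name resolution and package updates only.
        iifname $DMZ oifname $WAN udp dport 53 accept
        iifname $DMZ oifname $WAN tcp dport { 53, 80, 443 } accept

        # DMZ -> LAN has no accept rule, so new connections are dropped.
        # Logging them explicitly gives an alert if a DMZ host starts probing.
        iifname $DMZ oifname $LAN log prefix "dmz-to-lan " drop

        # Internet -> LAN also has no accept rule and falls to policy drop.
    }
}
```

Removing the VLAN tags and using separate physical switches for the two segments would leave this ruleset unchanged apart from the interface names.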
1

DMZs, VLANs and VPNs are entirely different things.

Oversimplifying a bit -

VLANs are virtual switches. Imagine you have, for example, a VoIP phone network and a desktop network using separate internet connections. Using VLANs you can plug all the devices into the same physical switches, but have them appear to be on 2 different switches from the devices' POV.

A DMZ is an area of your network set aside to handle "undefined" traffic. Let's say someone tries to connect to your IP address on FTP from the outside world. Your router has not been set up to handle FTP traffic. The router can be configured to route this traffic (because it has no specific rules to handle FTP) to a DMZ - generally a particular machine - which may or may not be running an FTP server.

A VPN can be seen as a virtual connection which securely makes your system appear somewhere else on a network.

davidgo
  • 73,366