one) A middle ground between an organization's trusted internal network and an untrusted, external network such as the Internet. Also called a "perimeter network," the DMZ is a subnetwork (subnet) that may sit between firewalls or off one leg of a firewall. Organizations typically place their Web, mail and authentication servers in the DMZ. DMZ is a military term that refers to the area between two enemies. See bastion host
and opening a port
All servers exposed to the Internet (the bastion hosts) are located in the DMZ, which is isolated from the public Internet and the private LAN by screening routers.