ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Is the concept of DMZ obsolete?

    IT Discussion
    dmz firewall security infosec network security
    5
    6
    882
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 1
      1337
      last edited by 1337

      When you only had perimeter security using a DMZ made perfect sense.

      But is the concept of DMZ obsolete now?

      I'll ask this as open ended question without any specific scenario in mind.

      Emad RE JaredBuschJ 2 Replies Last reply Reply Quote 1
      • Emad RE
        Emad R @1337
        last edited by

        @Pete-S

        is DMZ the same as jump server ? or that does not fall under this categ.

        JaredBuschJ 1 Reply Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch @1337
          last edited by

          @Pete-S said in Is the concept of DMZ obsolete?:

          When you only had perimeter security using a DMZ made perfect sense.

          But is the concept of DMZ obsolete now?

          I'll ask this as open ended question without any specific scenario in mind.

          Personally, I never saw the point of a DMZ. Why? Because as soon as it was setup, most places just made connectivity to and from it and the LAN open. That defeats the purpose of it. It is nothing more than a VLAN in today's terms.

          DashrenderD 1 Reply Last reply Reply Quote 2
          • JaredBuschJ
            JaredBusch @Emad R
            last edited by

            @Emad-R said in Is the concept of DMZ obsolete?:

            @Pete-S

            is DMZ the same as jump server ? or that does not fall under this categ.

            Not at all.

            https://en.wikipedia.org/wiki/DMZ_(computing)

            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @JaredBusch
              last edited by

              @JaredBusch said in Is the concept of DMZ obsolete?:

              @Pete-S said in Is the concept of DMZ obsolete?:

              When you only had perimeter security using a DMZ made perfect sense.

              But is the concept of DMZ obsolete now?

              I'll ask this as open ended question without any specific scenario in mind.

              Personally, I never saw the point of a DMZ. Why? Because as soon as it was setup, most places just made connectivity to and from it and the LAN open. That defeats the purpose of it. It is nothing more than a VLAN in today's terms.

              Presumably you could have fewer ports opened between zones, limited only to what was needed, but if all unnecessary ports are shut down on your servers, that really shouldn't matter - or at least that was the gist of it.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller
                last edited by

                A proper DMZ is still a valid concept, but was never that big of a deal. There are almost no resources that make sense to put there. If you have those resources, then sure. But who does? The advent of cloud computing, cheaper colocation, better IT knowledge, etc. has led most shops to not try to make "internal/external" shared resources where one side is public and the other uses LAN security; and what little of that remains in need is generally addressed with VLANs in a slightly different way.

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post