Contact us
Contact us
E-mail
E-mail
Locations
Locations
Cancel

Start searching

This search is based on elasticsearch and can look through several thousand pages in miliseconds.
Learn more
.infrastructure
JobsContact us
DE
27. January 2016

Demilitarized zones deny hackers access to important data

Cybercrime. Data theft. Millions in losses. It doesn't have to be this way: With the right protection against hackers, sensitive data won't fall into the wrong hands. For example, a demilitarized zone, or DMZ for short, provides greater network security. And we at punkt.de have set up such a DMZ for Deutsche Post AG.

router bgp 16188

Patrick M. Hausen
Netzwerke und Infrastruktur sind sein Steckenpferd - damit Sie sich auf eine stabile Anwendung verlassen können.
Share:
Categorys:Technology
Reading duration: approx. 2 Minutes
Reading time approx. 1 minute

Demilitarized zone: in theory ...

Demilitarized zone: have you ever heard of it? But in a completely different context? That may well be the case. The term originally comes from politics and refers to the buffer zone between North and South Korea. But the demilitarized zone also has its own meaning in the network sector - and is now an elementary component of modern network security.

Wasn't there something else? That's right: firewalls. And to protect against hacker attacks, every network should have at least one firewall. However, because companies in particular are increasingly providing digital services and therefore need to be directly connected to the Internet - think home office in this context - the firewall must also increasingly allow a certain connection to the outside world. This naturally entails certain risks.

To keep these as low as possible, a separate network can be set up between the internal network and the Internet: the demilitarized zone. The services and devices that provide parts of the company's internal communication to the outside world are then placed in this DMZ: for example, web servers that are also to be accessed from outside, database servers or mail servers.


Demilitarized zones deny hackers access to important data a diagram

... and practice

The DMZ that we set up for Deutsche Post AG serves to protect the branch IT system and the partner portal, which supports the approximately 13,000 partner branches with customer service. Both applications must be available to their users not only on the intranet, but also on the Internet. However, with all the confidential data that the applications contain, this is not easily possible - or at least not advisable.

The solution? We created "light versions" of the applications and placed the server in the DMZ. On the one hand, of course, this means that the functional scope of the applications is reduced. On the other hand, it also means that internal data is safe from hackers. This is because the servers located in the DMZ are not part of the internal network in terms of security and therefore cannot pass on any information from it to the outside.

For big and small

You may be thinking now: Deutsche Post AG? It's clear that they need something like this. But we as a medium-sized company? Nope - wrong! As soon as data comes into play, security cannot be emphasized enough. This applies to global corporations as well as smaller companies. We at punkt.de also have a DMZ. And we can only advise other SMEs to set one up. Gladly with our help !

Author:Patrick M. Hausen
Share:

More articles

Jeder Einzelne ist ein Tropfen, gemeinsam sind wir ein Meer.
Rebecca Düker, Product Owner at punkt.de
Working at punkt.de