Mobach logo
Systemhouse Mobach bv - Bufferzone (DMZ)

Home page
Research / development

Bufferzone (DMZ) overview.

A demilitarized zone (DMZ) is only needed in case your organization wants to offer services to Internet users in general or some selected groups of Internet users. Examples are e-mail services for users not connected via Virtual Private Networks (VPN's) and a website which offers information from a data base on a server in the internal network.

Such a DMZ works like a bufferzone between the internal network and the Internet. This bufferzone is guarded at the side of the Internet and at the side of the internal network with a firewall. The minimal configuration of the DMZ consists besides the firewalls of one so-called proxy and relay server, which offers the services to the intended users on the Internet. This proxy and replay server receives the data it needs to present from one or more servers on the internal network. A separate logserver is securitywise needed to make checking all activities in the DMZ possible.

Additional services like VPN's and mailrelay can simply be added to this DMZ architecture. The additional use of proxies for services like Internet Domain Name System (DNS) and websurfing (HTTP) lowers to need for telecommunication bandwidth and thus the costs.

DMZ architectuur

Security ?

Security can only be reached by appropriate countermeasures, under which at least the daily check of their status. Every day, 7 days a week. That's why these DMZ systems always include two firewalls and a logserver, which can block unwanted network traffic and signal that also. The use of more than one firewall makes redundant security measures possible, which is better for your security.

Free Software.

Our DMZ systems are build of standard components and Free Software, amongst others GNU/Linux. The developpers of these software packages have proven in the past to build good and reliable software. And that security fixes will come very soon, sometimes within some hours. Another appreciated thing of this software is that no additional fees are charged for extra users.

High availability.

Organizations which can't afford the possible downtime of all of their webservices in case of a system breakage at their headquarter we can offer our high-availability solution with the introduction of a backup proxy server and / or the firewalls. In case of a failure of a primary server the backup server will take over the existing connections within seconds. Most of your visitors won't even notice.

  Last change at 2010-12-17 by Fred Mobach <> Copyright © 2002 Fred Mobach  
  Powered by Linux  
Best viewed with any browser, and scripting disabled ;-)

These webpages are quietly served by, one of my stable Linux computers.
  Powered by Apache