You are currently viewing What is a DMZ? (Demilitarized Zone)

What is a DMZ? (Demilitarized Zone)

A DMZ, or demilitarized zone, is used to help improve the security of an organization’s network by segregating devices, such as computers and servers, on the opposite sides of a firewall. And setting up a DMZ in your home router designates a device as a DMZ host and will forward all the ports to that device.

Wifi router that I recommend (affiliate)

I am a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to and affiliated sites.


This Post Has 48 Comments

  1. Oscar Vega

    why is the firewall forbidden? arent firewalls good for security?

  2. RJ L

    I'm an IT guy, and this is an excellent YT-channel.

  3. Tilan

    Thanks for the great video!! I have a question, when you put a device outside your firewall (in DMZ) does it mean it is on a different subnet to the internal network or is the device still on the same subnet as the internal network?

  4. Elite_ Eight

    Amazing and clear explanation. I was reading up and down the web failing to understand that. You helped me a lot thx

  5. Mashus

    This video is everything I needed and more. Thank you.

  6. iKrillan

    my netgear orbi wifi 6 has a setting called DMZ server, but it ask to put an IP address in. Do i put my ps5 IP address or what

  7. paritoshrjn

    A DMZ with only one firewall actually increases security risk by providing a false sense of security. It actually is making the servers in DMZ vulnerable.

  8. Thomas Stambaugh

    The security professionals I know scoff at the term "DMZ" to describe any configuration other than the two-firewall arrangement starting at 3:25. An aspect of operating a DMZ that you didn't mention is that each system running in the DMZ should run an image copied from a server in the protected area, and that image should have strong reference hash associated with it. A monitor should recompute the hash for each system periodically and compare it with its reference hash. Any malware that might find its way into the DMZ will be detected by the monitor, and can be immediately replaced by its reference image in the protected area.

    As more people work from home in the post-pandemic era, the demand for increased security will escalate. Many or most employers require their home workers to use an employer-provided system for company work. That system should NEVER be on the same private network as the other devices in the home – especially if any of those devices is accessible from outside.

    The proper configuration of a home network might be a good candidate for its own video. The security professionals I work with recommend one firewall at the connection to the outside, and another firewall for the devices from each employer (a home with two remote workers would therefore have at least three firewalls). The result is a private network segment for each employer, with shared resources on another private network. Any cloud-facing device is configured in the (real) DMZ.

  9. VirtualSkin

    The DMZ was invented after the Noth-South Korea network conflict lol

  10. K L.

    This has been one of the most clear and helpful videos in my IT studies


    Hi i hope you can help me? i;d like to put my ps5 into DMZ but should i turn off UPnP because this could cause interference? thank you.

  12. Luke Warren

    Dude! Thank you so much! You have no idea how hard it has been just to get a basic summary on what this is!

  13. Bluelight

    What kind of firewall do you use for properly securing a server and gaming PC with the two firewall setup? Will the pfsense work well for this?

  14. tokzilicious1

    Thank you so much, very informative. Now I fully understand the concept of DMZ.

  15. AB

    Finally I understand what a DMZ is !! Thank you so much PowerCert.

  16. TB7

    Fantastic explanation. Thank you very much.

  17. Excellent information, so simple and very informative. I like the way you explained. Thank you 🙂

  18. Eric Forman

    Thanks for the wonderful explanation, really appreciated

  19. love your presentaion it's amazing! now I get it perfectly! but I do have 1 question: how can I DMZ multiple device/console because on the DMZ setting there is only place for 1 DMZ IP
    thank you in advance

  20. Great video as always. Anytime I’m having trouble understanding a concept, especially in Networking, I come here. I can’t find anyone else who explains these things better.

  21. IrishGuitarist1

    No need for 2 firewalls.
    Creat 2 segregated networks on the same firewall and only allow specific traffic between them.

  22. MondoDuke

    whenever im stuck on a concept, i come to your videos. Thanks

  23. Angelo Ramirez

    Gah damn, see this is what I like no reading reading is boring to me personally but videos like this and animation showing as you are talking really got me. This is from an ADHD pothead man. Now, to tackle this issue with my Verizon 5g White Cube to use my Asus AND then I must tinker with load balancing to get that 10/10 decent ping from the wireless UW 5g Verizon is giving. Thanks again, subbed.

Leave a Reply