Advanced Security Concepts

A wealth of security concepts have been covered. This section now covers some of the techniques used in areas of your network that are vulnerable to attacks, in particular the demilitarized zone (DMZ).

The DMZ is defined as an isolated part of the network that is easily accessible to hosts outside of the network, such as those on the Internet.

Figure 7-1 displays a typical network design where a DMZ is defined with a number of bastion hosts (the first line of defense, or hosts that can be sacrificed in case of a network attack or attacks).

Figure 7-1. DMZ Design

Figure 7-1 displays a typical perimeter network where the DMZ is separated ...
