DMZ (Demilitarized Zone)
A DMZ (Demilitarized Zone) in network security is a physical or logical subnetwork that separates an internal local area network (LAN) from other untrusted networks, usually the internet. The DMZ contains the external-facing services of an organization, such as web servers and mail servers, to provide a layer of protection by limiting access to the internal network. It acts as a buffer zone, ensuring that incoming traffic to the exposed services does not directly reach the core internal network, thereby enhancing security.