At 06:54 PM 9/6/97 -0400, "Michael C.Richardson" (formerly with MilkyWay)
>-----BEGIN PGP SIGNED MESSAGE-----
> [I'll wade in here]
>>>>>> "Frank" == Frank Willoughby <frankw @
> Frank> Your definition of a DMZ is different than the definition I
> Frank> am familiar with & is the same definition which is shared
> Frank> by other InfoSec colleagues. FWIW, interestingly enough, I
> Well, the use of it has mutated since around 1996, mostly due to
>Raptor consultants, I think. (FW-1 people may also be responsible)
> DMZ used to be place ont the network that *physically* under your
>control, but was *logically* not protected. The segment between your
>firewall and your border router.
Others, as well as my humble self were using this term when I worked
on DoD projects in the mid eighties. The same terminology & concepts
I used then were also used internally at a hi-tech corporation in
'90-94 where I worked as an ISO (Information Security Officer) &
designed every internal network security solutions for the country
where I worked. This term was used in numerous internal documents.
FWIW, most firewall vendors have a different names for what I call
a DMZ. But who cares? IMO, it really doesn't matter what we call
it. It's just important that we agree on basic terminology when
we start our discussions so that we have a common frame of reference.
IOW, there is no "right" name for it. I have always used DMZ for
it & others have other names for it. Since I have always used the
term DMZ, I see no reason to stop now. YMMV.
> [BTW: I understand that Milkyway Networks has now dropped their
The point of which is.....???
(You used to work at MilkyWay and are now grinding an axe?)
The opinions of the author of this mail may not necessarily be
representative of the opinions of Fortifed Networks, Inc.
Fortified Networks, Inc. - http://www.fortified.com/
Expert (vendor-neutral) Computer and Network Security Consulting
Phone: (317) 573-0800 Fax: (317) 573-0817