Demilitarized Zone (DMZ) secures the computers of your enterprise from data breaches and vulnerabilities by creating an additional layer of security to your in-house computers. A DMZ acts as a buffer and prevents the direct exposure of Endpoint Central server to the internet.
When a secure gateway server is placed in a DMZ, sandwiched between one or two firewall(s), Endpoint Central's internal network is secured from external access. DMZ provides an additional layer of security by restricting remote access to internal servers containing valuable/sensitive information. The agents of various remote offices and roaming users trying to reach Desktop Server will seamlessly parse the information without reaching the local network.
While configuring Endpoint Central Server in DMZ, the server will be directly exposed to internet
Endpoint Central Secure Gateway Server acts as a secure gatekeeper to the Endpoint Central Server. The configured Secure Gateway Server will be directly exposed to internet and serves as an intermediate between the Endpoint Central Server and computers of various branch offices or roaming users (WAN). All communications from the roaming agents will be routed through the Secure Gateway. When the agent tries to contact the Endpoint Central server, the Secure Gateway server receives all the communications and redirects to Endpoint Central Server.
Placing a secure gateway server in a DMZ has many advantages. By configuring Endpoint Central secure gateway server, you can
Know more on configuring Secure Gateway Server and how it works here.