A segment designed to host publicly accessible services while isolating them from the internal network is known as what?

A DMZ is a dedicated network segment placed at the boundary between the public Internet and an internal network to host services that must be publicly accessible while keeping the internal network isolated. This setup lets external users reach services like a website or mail gateway, while traffic from those services is strictly controlled by firewalls and other security devices so that only limited, vetted communications can pass to the internal network. If a service in the DMZ is compromised, the breach is contained within that segment, reducing risk to sensitive internal resources. Sometimes a Bastion Host is placed in the DMZ as a hardened entry point for external administration, but the described concept is the DMZ itself. An extranet involves sharing internal resources with trusted external partners, not creating a standalone segment for public services. Data Interface isn’t a standard term for this network arrangement.