I have a basic understanding of discovery; however, I want to better understand how DMZ works in real enterprise environments.
I have some questions and would appreciate guidance from experienced professionals:
- What exactly is a DMZ in networking terms?
- Why do organizations place servers in a DMZ instead of the internal network?
- In ServiceNow Discovery, why is a MID Server sometimes installed inside the DMZ?
- How does communication happen between:
- ServiceNow instance
- MID Server
- DMZ servers/devices
- What firewall ports are usually opened for Discovery in a DMZ setup?
- Is inbound connectivity from ServiceNow to the MID Server required?
- When should we use the following:
- one MID Server
- multiple MID Servers
- separate MID Servers for the internal network and the DMZ
- Can someone share a simple real-world architecture example or best practice for Discovery in a DMZ environment?
- What are common mistakes or security concerns while configuring Discovery for DMZ systems?
I would also appreciate any documentation, diagrams, or learning resources
