Screened Subnet

A network segment that's isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports.

Screened subnets use two firewalls placed on either side of the perimeter network zone. One is placed in between the screened subnet and the WAN interface, while the other is placed on a 'choke firewall' that serves as the gateway for the internal LAN.

Triple Homed

Screened subnets can also be configured with a router that has three network interfaces, where one is for WAN connectivity, another is the perimeter subnet, and the third one manages the LAN. You would then configure the router with rules instead of the two firewalls

DMZ Disclaimer (Raw Lesson Content)

Various types of Internet-facing zones or hosts are also popularly referred to as a demilitarized zone (DMZ). This is vague marketing terminology that does not accurately describe the purpose or configuration of a perimeter network. Hosts in a perimeter network remain fully managed by a private organization. Filtered public access is permitted, but there is no "demilitarization" in the sense of making the zone in any way neutral or jointly operated.