Hybrid DMZ Reference Designs for vCloud Air are a series of recommended architectures, or designs, created to help users introduce the tools, resources and services commonly found in on-premises data centers to the public cloud. It is based on the concept of the demilitarized zone (DMZ) in computing and offered as part of VMware's vCloud Air cloud computing services platform. Hybrid DMZ accomplishes this by creating an aggregation and isolation point between the user's existing vCloud Air deployments, the Internet and their on-premises IT estate.
This compatibility with on-premises architecture allows for a greater degree of security, as Hybrid DMZ implements a secure DMZ checkpoint that extends the user's on-premises security and governance policies, thus eliminating inconsistencies between on-premises and cloud security policies. With Hybrid DMZ, users can also run perimeter security and entry point security services, including intrusion detection systems and firewall.
Hybrid DMZ allows users, including applications teams, a greater degree of control over service and network isolation by giving them free rein over their own isolated cloud environments and Virtual Data Center resources. Hybrid DMZ's aggregation of shared core features such as Active Directory servers and licensing servers helps lower overall costs by reducing the number of duplicate instances that need to be maintained and paid for in each Virtual Data Center.