An explanation of DMZ can be found on Wikipedia. There are some diagrams of a single firewall and dual firewall DMZ. The idea is to leave all L3/routing on firewalls and strictly control the traffic that is allowed to/from the outside (and inside) world. Personally I would leave DMZ switches only L2 (switching) and not put any L3 (routing/management) in any of the DMZ VLANs.
From networking perspective a DMZ switch is not very different from another switch, or an internet switch. In general, limit the exposure and lock down the configuration. Because 'DMZ switch' is an arbitrary term, and ask 10 people, get 10 different answers, it may be best to ask your client what they expect from it. And there should be (created) a design that has the physical, L2, L3 and security policies in there. You can't just ask for a DMZ switch and suppose it's fully clear what is meant with that. It may even be the same as the other (TOR) switches, or different as you just need L2.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Mar 19, 2024 02:40 AM
From: otyheno
Subject: Layer 3 Switch with DMZ
Thank you all for sharing your knowledge and insights.
Maybe if you could guide me on the best practices for setting up a DMZ.
Original Message:
Sent: Mar 14, 2024 07:56 AM
From: otyheno
Subject: Layer 3 Switch with DMZ
It Was a requirement specification shared by client
Layer 3 Switch with DMZ - 24port Ethernet 10G Base-T
Original Message:
Sent: Mar 14, 2024 07:51 AM
From: Thomas Siegenthaler
Subject: Layer 3 Switch with DMZ
Can you elaborate a bit more on your requirements? What features do you expect, what types of ports do you need, what should be connected to the switch?
Original Message:
Sent: 3/14/2024 5:08:00 AM
From: otyheno
Subject: Layer 3 Switch with DMZ
Which aruba switch is suitable for DMZ