The Science DMZ Architecture and Security

The Science DMZ design pattern is accepted as best practice for connecting high-performance data-intensive science resource to wide area science networks. In addition, the Science DMZ provides a framework for securing these assets in a performant way - this is critically important as data sets continue to grow and science collaborations become more distributed. A Science DMZ allows for the segmentation of cybersecurity risk, the reduction of complexity (both for cybersecurity and for performance engineering), and the achievement of consistently high performance for network-based data transfer and related applications. The Science DMZ is further documented on ESnet’s Fasterdata knowledge base.