A network segment that acts as a buffer zone between two networks of different trust levels, often between an internal OT network and external IT or internet. An Industrial DMZ (or IDMZ) is commonly set up between the plant control network and the corporate IT network. It hosts servers (like historians, remote access jump hosts, etc.) that need to communicate with both sides. The idea is to tightly control and inspect traffic between OT and IT, reducing direct exposure of critical control systems.
