The use of the term demilitarized zone (DMZ) in IT security is metaphoric. Just as a true DMZ between hostile nations represents a "no man's land" unfortified by either side, a DMZ in IT terms represents a network segment that is neither fully trusted nor completely untrusted.
Typically, a DMZ occurs as a third direction coming off of a firewall. As a minimum, firewalls support a trusted inside network and an untrusted outside network. However, certain public-facing services (typically web or email servers) need free access to the outside network, while continuing to require management from the inside. The inside placement of such services is generally too risky. Outside placement is not the best answer, either. So for this reason, a special network segment called the DMZ is created to host these particular services.
An alternative DMZ design might feature public-facing servers sandwiched inline between internal and external firewalls. In any case, with respect to a defense in depth, multilayer security model, the security depth for a DMZ is less than for an inside network and more than that available outside of the firewall.