It's pretty much a a middle-man between the 'internal network' (for instance, a compnay LAN) and an 'external network' (the Internet). It's kinda like a firewall. More information here.

[url]http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%2*[/url]

As for bypassing it, here is a pdf/powerpoint on the techniques used for this kind of thing.

[url]http://www.terena.org/activities/tf-csirt/meeting*/gowdiak-bypassing-firewalls.pdf[/url]