We'd need to know for sure what topology he was mentioning but I'm guessing he was talking about DMZ like you mentioned.
From the sounds of it, he's talking about having the video surveillance equipment in the DMZ with the rest of the network behind a second firewall. This would indicate to me that the surveillance is not important to them to secure, and they're more concerned about what would be behind the second firewall.
The video surveillance equipment/cameras would be just as at risk (or more) sitting in the DMZ.
The benefit to the customer is that if a vulnerability in the NVR/VMS/cameras is exploited to gain "root access" to the equipment, the attacker has access only to what was exposed to the internet through the first firewall. If nothing is forwarded through the second firewall, they can still mess with the surveillance system/cameras, disable it, delete video etc. But they cannot access any of the business systems behind behind door number 2.
There are business grade routers/firewalls with the ability to implement a DMZ easily and securely. It can be done with just about any router, including consumer models, but TBH I don't really trust consumer routers to implement DMZ in a smart and secure way. In my experience, all it means is that any connection request from outside the local network gets forwarded to the designates IP. The PC receiving that traffic can actually still communicate with any other node on the network, so it defeats the purpose and results in an even more exposed network than before.
My experience with consumer routers DMZ settings is that they're used by teenagers who don't understand port forwarding and use DMZ as a "catchall". They might have improved a lot since I was one of those teens, but if the customer is not using good business grade equipment, you can "stack" a couple of cheap routers and accomplish more or less the same thing.