Windows 2012 R2 -- hyperV DMZ ?

Is it OK to put both external and internal Hyper-V on the same physical server, or should they be on different physical servers to ensure proper DMZ segregation on my Dell SonicWall firewall?

http://www.experts-exchange.com/Networking/Network_Management/Network_Design_and_Methodology/Q_26811952.html
acts like it might be OK to have them on the same physical server.
Asked by: finance_teacher

Matt commented:
If you have network segmentation properly configured, it should be no problem. The same thing is valid also for VMware.

For smaller customers I have everything on one Hyper-V host; behind it the network is defined for internal LAN and DMZ zones, all controlled by a Cisco ASA FW.

Hyper-V:
- 1 team for management
- 1 team for LAN
- 1 team for DMZ

LAN and DMZ are configured as trunks; the teaming interface has no IP. Everything is done on the network interface of the virtual machine (VLAN identification), with access lists on the ASA: the interface of each DMZ zone has its own ACL filter.

Mohammed Khawaja (Manager - Infrastructure: Information Technology) commented:
I have the same in VMware at work and on my home Hyper-V lab. I have created a trunk on the switch ports connected to the Hyper-V (I have 4 NICs): Management (VLAN100), DMZ (VLAN200), LAN (VLAN300), Test (VLAN400), Live-Migration (VLAN500).

I am using 1 NIC for Management, one for Live-Migration and the other two for all VMs (Test, LAN, DMZ, etc.). This works great as I tag the VLAN in the OS. This works fine for some Linux servers, but for some I had to create a vswitch with the VLAN tag assigned on the switch (I have decommissioned those VMs).
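Both answers rest on every VM adapter carrying the right VLAN for its zone. The following is an added example, not code from either answer, that audits that assumption: it flags adapters that are untagged or trunked, adapters whose VLAN is not allowed on their virtual switch, and VMs attached to more than one zone switch. The switch names `vSwitch-DMZ` and `vSwitch-LAN`, the per-switch policy and the sample rows are assumptions made for illustration; the VLAN IDs 200, 300 and 400 are the ones mentioned above.

```powershell
# Added example. Switch names and the per-switch policy are assumptions;
# VLAN IDs 200/300/400 are the ones named in the thread.
$Policy = @{
    'vSwitch-DMZ' = @(200)        # hypothetical switch name
    'vSwitch-LAN' = @(300, 400)   # hypothetical switch name
}

function Test-ZoneSeparation {
    param([object[]]$Adapters, [hashtable]$Policy)
    foreach ($a in $Adapters) {
        if (-not $Policy.ContainsKey($a.SwitchName)) {
            "$($a.VMName): adapter on unlisted switch '$($a.SwitchName)'"
        } elseif ($a.Mode -ne 'Access') {
            # Untagged or Trunk lets the guest, not the host, decide the VLAN.
            "$($a.VMName): $($a.Mode) mode on $($a.SwitchName), expected Access"
        } elseif ($Policy[$a.SwitchName] -notcontains $a.VlanId) {
            "$($a.VMName): VLAN $($a.VlanId) not allowed on $($a.SwitchName)"
        }
    }
    # A VM with adapters on more than one zone switch can bridge the zones
    # and bypass the firewall ACLs.
    $Adapters | Group-Object VMName |
        Where-Object { @($_.Group.SwitchName | Select-Object -Unique).Count -gt 1 } |
        ForEach-Object { "$($_.Name): adapters on multiple zone switches" }
}

# On a Hyper-V host, build the input from the real settings:
# $adapters = Get-VMNetworkAdapter -VMName * | ForEach-Object {
#     $v = Get-VMNetworkAdapterVlan -VMNetworkAdapter $_
#     [pscustomobject]@{ VMName = $_.VMName; SwitchName = $_.SwitchName
#                        Mode = "$($v.OperationMode)"; VlanId = $v.AccessVlanId }
# }

# Constructed sample rows so the check runs without a Hyper-V host.
$adapters = @(
    [pscustomobject]@{ VMName='web01';  SwitchName='vSwitch-DMZ'; Mode='Access';   VlanId=200 }
    [pscustomobject]@{ VMName='app01';  SwitchName='vSwitch-LAN'; Mode='Access';   VlanId=300 }
    [pscustomobject]@{ VMName='mail01'; SwitchName='vSwitch-DMZ'; Mode='Access';   VlanId=300 }
    [pscustomobject]@{ VMName='test01'; SwitchName='vSwitch-LAN'; Mode='Untagged'; VlanId=0 }
    [pscustomobject]@{ VMName='gw01';   SwitchName='vSwitch-DMZ'; Mode='Access';   VlanId=200 }
    [pscustomobject]@{ VMName='gw01';   SwitchName='vSwitch-LAN'; Mode='Access';   VlanId=300 }
)
Test-ZoneSeparation -Adapters $adapters -Policy $Policy
```

VMs that tag the VLAN inside the guest OS appear to the host as Trunk or Untagged adapters, so this check reports them for review rather than treating them as compliant.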