Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows 2012 R2 -- hyperV DMZ ?

Posted on 2015-02-16
2
Medium Priority
?
450 Views
Last Modified: 2016-11-23
Is it OK to put both both external
and internal hyper-v on same physial
server or should they be on different
physial servers to insure proper DMZ
segregation on my Dell SonicWall firewall ?

http://www.experts-exchange.com/Networking/Network_Management/Network_Design_and_Methodology/Q_26811952.html
acts like it might be OK to have
them on the same physial server.
0
Comment
Question by:finance_teacher
2 Comments
 
LVL 6

Accepted Solution

by:
Matt earned 1000 total points
ID: 40612608
If you have network segmentation properly configured, it should be no problem. The same thing is valid also for VMware.

I have for smaller customers all on one Hyper-V host, behind is network defined for internal LAN, DMZ zones, all is controlled by CISCO ASA FW.

Hyper-V:
- 1 team for management
- 1 team for LAN
- 1 team for DMZ

LAN and DMZ are configured as trunks, teaming interface has no IP. All is done on network interface of the virtual machine (VLAN identification), access list on ASA - interface of each DMZ zone has its own ACL filter.
0
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 1000 total points
ID: 40612944
I have the same in VMware at work and on my home Hyper-V lab.  I have created trunk on the switch ports connected to the Hyper-V (I have 4 NICs): Management (VLAN100), DMZ (VLAN200), LAN (VLAN300), Test (VLAN400), Live-Migration(VLAN500)

I am using 1 NIC for Management, one for Live-Migration and the other two for all VMs (Test, LAN, DMZ, etc.).  This works great as I tag the VLAN in the OS.  This works fine for some Linux servers but for some, I had to create a vswitch with the VLAN tag assigned on the switch (I have decommissioned those VMs) .
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question