Solved

Windows 2012 R2 -- hyperV DMZ ?

Posted on 2015-02-16
2
345 Views
Last Modified: 2016-11-23
Is it OK to put both both external
and internal hyper-v on same physial
server or should they be on different
physial servers to insure proper DMZ
segregation on my Dell SonicWall firewall ?

http://www.experts-exchange.com/Networking/Network_Management/Network_Design_and_Methodology/Q_26811952.html
acts like it might be OK to have
them on the same physial server.
0
Comment
Question by:finance_teacher
2 Comments
 
LVL 6

Accepted Solution

by:
Matt earned 250 total points
ID: 40612608
If you have network segmentation properly configured, it should be no problem. The same thing is valid also for VMware.

I have for smaller customers all on one Hyper-V host, behind is network defined for internal LAN, DMZ zones, all is controlled by CISCO ASA FW.

Hyper-V:
- 1 team for management
- 1 team for LAN
- 1 team for DMZ

LAN and DMZ are configured as trunks, teaming interface has no IP. All is done on network interface of the virtual machine (VLAN identification), access list on ASA - interface of each DMZ zone has its own ACL filter.
0
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 250 total points
ID: 40612944
I have the same in VMware at work and on my home Hyper-V lab.  I have created trunk on the switch ports connected to the Hyper-V (I have 4 NICs): Management (VLAN100), DMZ (VLAN200), LAN (VLAN300), Test (VLAN400), Live-Migration(VLAN500)

I am using 1 NIC for Management, one for Live-Migration and the other two for all VMs (Test, LAN, DMZ, etc.).  This works great as I tag the VLAN in the OS.  This works fine for some Linux servers but for some, I had to create a vswitch with the VLAN tag assigned on the switch (I have decommissioned those VMs) .
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now