Windows 2012 R2 -- hyperV DMZ ?

Is it OK to put both both external
and internal hyper-v on same physial
server or should they be on different
physial servers to insure proper DMZ
segregation on my Dell SonicWall firewall ?

http://www.experts-exchange.com/Networking/Network_Management/Network_Design_and_Methodology/Q_26811952.html
acts like it might be OK to have
them on the same physial server.
finance_teacherAsked:
Who is Participating?
 
MattConnect With a Mentor Commented:
If you have network segmentation properly configured, it should be no problem. The same thing is valid also for VMware.

I have for smaller customers all on one Hyper-V host, behind is network defined for internal LAN, DMZ zones, all is controlled by CISCO ASA FW.

Hyper-V:
- 1 team for management
- 1 team for LAN
- 1 team for DMZ

LAN and DMZ are configured as trunks, teaming interface has no IP. All is done on network interface of the virtual machine (VLAN identification), access list on ASA - interface of each DMZ zone has its own ACL filter.
0
 
Mohammed KhawajaConnect With a Mentor Manager - Infrastructure:  Information TechnologyCommented:
I have the same in VMware at work and on my home Hyper-V lab.  I have created trunk on the switch ports connected to the Hyper-V (I have 4 NICs): Management (VLAN100), DMZ (VLAN200), LAN (VLAN300), Test (VLAN400), Live-Migration(VLAN500)

I am using 1 NIC for Management, one for Live-Migration and the other two for all VMs (Test, LAN, DMZ, etc.).  This works great as I tag the VLAN in the OS.  This works fine for some Linux servers but for some, I had to create a vswitch with the VLAN tag assigned on the switch (I have decommissioned those VMs) .
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.