Vmware Machines in a DMZ

I would like to know if I need to put some VM machines in a DMZ (between 2 physical firewall appliances), then do I need to put a physical ESX server in the DMZ , or there is another way  to do that ?

Thank you
jskfanAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
one place where i was recently, we had the dmz vlan accessible from the esx host and whatever guests we were putting there, just selected the adapter for that vlan
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I would never put a ESXi Host Management Network on a DMZ.

But ESXi hosts can Host VMs, in a DMZ, with correct networking.
jskfanAuthor Commented:
Just run the Cat5/6 cable to the switch in DMZ on one end and the Nic of ESX server on the other end ?
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Try Now
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Correct, make sure it's a different vSwitch with different Virtual Machine Portgroup and label DMZ
jskfanAuthor Commented:
If My ESX host has 2 or more physical Nics, can I plug one of them to the switch in DMZ and leave others plugged to the switch inside the Network ?
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, but then, you have instroduced a single point of failure, with only a nic per vSwitch, you should have at least two!
jskfanAuthor Commented:
so what do you suggest if I need to have VMs in the DMZ ?

an ESX host with 4 Nics?
jskfanAuthor Commented:
I meant an ESX server with 2 Nics inside the network and 2 Nics in the DMZ ?
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Well you can have a ESXi host with two nics, since vSwitch, and VLANs.

if you do not use VLANs, then ESXI host with four nics, two nics per vSwitch.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jskfanAuthor Commented:
Thank you
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.