asked on

HyperV, security and best practices questions

So I am looking to deploy a hyperV box with multiple public facing servers that need little to no bottleneck in the way as far as performance. My question is, what is the standard best practice to do this and maintain secured environment to manage the servers? I know I can deploy a private networks behind a firewall and connect via RDP to the boxes etc, but what is the best way to put a public network on with public IP's and make sure that only certain ports are accessible via the public IP.

Mahesh

Hyper-V don't knows any technology that servers will be going to publish on internet, it just provide you hosting of VMs

it depends on what is the purpose of publishing servers

If you wanted to access those servers over RDP from internet, you could use RD gateway deployed and then can access those servers via RD gateway, that way you don't need to publish those servers on internet

If those servers are acting as web servers, do IP natting on firewall from public IP to private IP and just allow only required ports (80, 443 etc.)

its certainly not best practice to put public IP directly on VM network card unless you have specific requirement, it will hit traffic directly on VMs and it will make those VMs vulnerable, may be brut force attack etc
If you have any technology (like intrusion detection system) in between which can inspect direct server traffic and block if found any security issues, then you may put public IP on public network of VM

Mahesh.

ASKER CERTIFIED SOLUTION

Philip Elder

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial