tomtom9898
asked on
Hyper-V, security and best practices questions
So I am looking to deploy a Hyper-V box with multiple public-facing servers that need little to no bottleneck in the way as far as performance. My question is, what is the standard best practice to do this and maintain a secured environment to manage the servers? I know I can deploy a private network behind a firewall and connect via RDP to the boxes etc., but what is the best way to put a public network on with public IPs and make sure that only certain ports are accessible via the public IP?
It depends on the purpose of publishing the servers.
If you want to access those servers over RDP from the internet, you could deploy an RD Gateway and access the servers through it; that way you don't need to publish those servers on the internet.
If those servers are acting as web servers, do IP NAT on the firewall from the public IP to the private IP and allow only the required ports (80, 443, etc.).
It's certainly not best practice to put a public IP directly on a VM network card unless you have a specific requirement; traffic will hit the VMs directly and make those VMs vulnerable, maybe to brute-force attacks etc.
If you have any technology (like an intrusion detection system) in between which can inspect direct server traffic and block it if any security issues are found, then you may put a public IP on the public network of the VM.
Mahesh.
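The NAT-and-allowlist layout described in the answer above, as an added example that is not part of the original thread. It assumes the Hyper-V host's built-in NAT (WinNAT) stands in for the firewall the answer mentions; the switch name, NAT name and all addresses are constructed placeholders.

```powershell
# Added example: publish only TCP 80/443 to a VM on a private Hyper-V network.
# All names and addresses below are constructed placeholders (assumptions).
$SwitchName   = 'DMZ-Internal'      # hypothetical internal switch name
$NatName      = 'DMZ-NAT'           # hypothetical NAT object name
$GatewayIP    = '10.10.10.1'        # host-side address on the private network
$Prefix       = '10.10.10.0/24'     # private range the VMs live in
$WebVmIP      = '10.10.10.20'       # private address of the web server VM
$AllowedPorts = 80, 443             # the only ports the answer says to allow

# 1. Private network: VMs attach to this switch and never hold a public IP.
New-VMSwitch -Name $SwitchName -SwitchType Internal | Out-Null
$ifIndex = (Get-NetAdapter -Name "vEthernet ($SwitchName)").ifIndex
New-NetIPAddress -IPAddress $GatewayIP -PrefixLength 24 -InterfaceIndex $ifIndex | Out-Null

# 2. NAT object for the private range (handles outbound translation for the VMs).
New-NetNat -Name $NatName -InternalIPInterfaceAddressPrefix $Prefix | Out-Null

# 3. Inbound: one static mapping per allowed port, nothing else.
#    '0.0.0.0/0' means "any address on the host's external side".
foreach ($port in $AllowedPorts) {
    Add-NetNatStaticMapping -NatName $NatName -Protocol TCP `
        -ExternalIPAddress '0.0.0.0/0' -ExternalPort $port `
        -InternalIPAddress $WebVmIP -InternalPort $port | Out-Null
}

# 4. Audit: flag any published port outside the allowlist (for example 3389,
#    which the answer routes through an RD Gateway instead of publishing).
$unexpected = Get-NetNatStaticMapping -NatName $NatName |
    Where-Object { $AllowedPorts -notcontains $_.ExternalPort }

if ($unexpected) {
    Write-Warning 'Published ports outside the allowlist:'
    $unexpected | Format-Table Protocol, ExternalPort, InternalIPAddress, InternalPort
} else {
    Write-Output "Only ports $($AllowedPorts -join ', ') are published to $WebVmIP."
}
```

The audit in step 4 can be rerun on its own after any change to the mappings to confirm that no management port has been published by mistake.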