[THIN] Re: OT: VMWare ESX 3.x Internal / DMZ networks on same physical server

  • From: "Roger Riggins" <roger.riggins@xxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Mon, 19 Feb 2007 09:40:27 -0600

We have the same setup. Just make sure you only have NICs for the DMZ
network in that VM. Your network team should be able to run a sniffer on
the LAN interface and watch for traffic from that VM.



Roger Riggins
Network Administrator
Lutheran Services in Iowa
w: 319.859.3543
c: 319.290.5687
http://www.lsiowa.org





-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Joe Shonk
Sent: Sunday, February 18, 2007 6:20 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: VMWare ESX 3.x Internal / DMZ networks on same
physical server



Well, can your security team provide you any information on why they
think it's a bad idea?  Just because someone thinks something is
possible doesn't mean it is possible.  Likewise, any device you expose
to the internet is susceptible to attacks.

For the most part you should be ok provided you set up a separate vswitch with
a separate set of NICs.  Perhaps if they don't like your solution, they
can provide the funds for a better one.

Joe

On 2/18/07, Michael Pardee <pardeemp.list@xxxxxxxxx> wrote:

We have dedicated physical NICs for the DMZ, Internal networks, and the
console.  Is anyone doing this today?  We are, and even received the
blessing of our Security team, but our Network Team now has concerns
over the security and are trying to stop us from moving any further in
this direction.  Everything I can find actually leads me to believe that
this is a solid solution, but I was curious if others here have had to
deal with this.  I don't want to jeopardize our security, but I also was
not planning on additional hardware for 2007 if I need to bring VMWare
ESX up physically in the DMZ.

Thanks in advance.

Michael Pardee
http://www.blindsquirrel.org
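
The separation discussed in this thread (a dedicated vSwitch and set of physical NICs per zone, and DMZ VMs with NICs only on the DMZ network) can be checked mechanically. The following is an added example, not part of the original messages; the inventory layout and every name in it are constructed for illustration and are not the VMware API.

```python
from collections import defaultdict

# Constructed sample: vSwitch -> physical uplinks and port groups (name -> zone).
VSWITCHES = {
    "vSwitch0": {"uplinks": ["vmnic0"], "portgroups": {"Service Console": "console"}},
    "vSwitch1": {"uplinks": ["vmnic1", "vmnic2"], "portgroups": {"LAN": "internal"}},
    # vmnic2 is deliberately listed twice to show a shared-uplink finding.
    "vSwitch2": {"uplinks": ["vmnic3", "vmnic2"], "portgroups": {"DMZ-Web": "dmz"}},
}
# Constructed sample: VM -> port groups its virtual NICs attach to.
VMS = {
    "web01": ["DMZ-Web"],
    "web02": ["DMZ-Web", "LAN"],  # dual-homed: bridges DMZ and internal
    "file01": ["LAN"],
}

def audit(vswitches, vms):
    """Return a list of findings where zone separation is broken."""
    findings = []
    pg_zone = {}                      # port group name -> zone
    uplink_zones = defaultdict(set)   # physical NIC -> zones it carries
    for name, sw in sorted(vswitches.items()):
        zones = set(sw["portgroups"].values())
        pg_zone.update(sw["portgroups"])
        # A vSwitch should carry port groups from one zone only.
        if len(zones) > 1:
            findings.append(f"{name}: port groups from multiple zones {sorted(zones)}")
        for nic in sw["uplinks"]:
            uplink_zones[nic] |= zones
    # A physical NIC should never be an uplink for two different zones.
    for nic, zones in sorted(uplink_zones.items()):
        if len(zones) > 1:
            findings.append(f"{nic}: uplink shared by zones {sorted(zones)}")
    # A VM's NICs should all sit in one known zone (no dual-homing).
    for vm, pgs in sorted(vms.items()):
        zones = {pg_zone.get(pg, "unknown") for pg in pgs}
        if len(zones) > 1 or "unknown" in zones:
            findings.append(f"{vm}: NICs not confined to one known zone {sorted(zones)}")
    return findings

if __name__ == "__main__":
    for line in audit(VSWITCHES, VMS):
        print(line)
```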



