[windows2000] Re: Virtual ISA Server
- From: Chris Buechler <win2000@xxxxxxxxxxxxxxxxx>
- To: windows2000@xxxxxxxxxxxxx
- Date: Fri, 30 Nov 2007 00:39:46 -0500
Ray Costanzo wrote:
Hi list,
Although I don’t think that I want to do this, when the thought came
through my head, I wasn’t able to determine the answer to this
question. Would it be technically possible to have a virtual ISA
server that is in a DMZ that is protecting the host operating system
that is behind the DMZ?
Possible, yes. Probably not a good idea though.
I'll explain how with VMware Workstation or Server as I'm most familiar
with them. I presume a hosted product like ESX is out of the question
since you mentioned protecting the host, it's probably a better idea to
run the protected machine as a VM as well though.
With VMware Server, you can bind only the VMware bridge protocol to your
outside NIC, bind the ISA VM's outside interface to a VMnet bridged to
that interface, and bind the ISA VM's inside interface to the VMnet on
the interface your host uses.
A bad idea because a misconfiguration could leave your host OS wide open
and outside of your ISA machine. It would be acceptable to do this in
some environments with ESX, that depends on the specific situation and
your level of risk tolerance. It's much safer with ESX.
*****************************
New Site from The Kenzig Group!
Windows Vista Links, list options
and info are available at:
http://www.VistaPop.com
*****************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
