VMware Cloud Community
TheVMinator
Expert

Network Isolation and HIPAA

I have an environment with a number of clusters.  When attempting to plan for HIPAA, can I put VMs that don't fall in scope on one cluster, VMs that do fall in scope on a separate cluster, have them share the same physical switch infrastructure, but just have separate vlans with no routing between the HIPAA and non-HIPAA vlans?  Or do I need separate physical switches or a separate virtual device context in my physical switch to create acceptable isolation?

0 Kudos
2 Replies
Texiwill
Leadership

Hello,

See my discussion in SAN Zoning, masking and compliance for how best to achieve this. Remember that a vSphere host already has minimally 4 trust zones; HIPAA is just another one and you need the appropriate tool to manage. In addition to the other tools mentioned, you can employ VCNS App or NSX microsegmentation to achieve the appropriate network isolation, whichever you currently have available.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
TheVMinator
Expert

Ok great thanks!

0 Kudos