VMware Cloud Community
Aliamiri1061
Contributor
Contributor
Jump to solution

How To design My Network To Create DMZ

Hello Everybody,

Actually i want to create DMZ for some of my virtual machine. this picture is simple of my network , what i should to do ?

pastedImage_2.png

1 Solution

Accepted Solutions
MBreidenbach0
Hot Shot
Hot Shot
Jump to solution

The short answer:

define DMZ IP subnet

define DMZ VLAN

configure VLAN on switches

configure IP routing on firewall

configure firewall rules on firewall

create DMZ portgroup on distributed switch and assign DMZ VLAN

The complex answer:

depends on budget and paranoia.

When you look at the recent spectre/meltdown desaster: do you want DMZ VMs running on the same hosts as your internal VMs ? So you may want a dedicated cluster for DMZ VMs.

View solution in original post

2 Replies
MBreidenbach0
Hot Shot
Hot Shot
Jump to solution

The short answer:

define DMZ IP subnet

define DMZ VLAN

configure VLAN on switches

configure IP routing on firewall

configure firewall rules on firewall

create DMZ portgroup on distributed switch and assign DMZ VLAN

The complex answer:

depends on budget and paranoia.

When you look at the recent spectre/meltdown desaster: do you want DMZ VMs running on the same hosts as your internal VMs ? So you may want a dedicated cluster for DMZ VMs.

Aliamiri1061
Contributor
Contributor
Jump to solution

Thank you so much

Reply
0 Kudos