Put VMs behind firewall

TheDig · ‎02-19-2013

Experts, I have a cluster has 12 hosts, and somewhere 30 virtual machines. 3 VMs out of all count I want to put behind firewall. What are possibilities, and best practices?

Good ideas are appreciated.

Thank you,

Daksh

Sreec · ‎02-20-2013

Hi,

Understand that your requirement is specific to 3 VM's. However would you like to go with Vmware Vshield - Firewall/NAT/DHCP/Load balancing/Site-Site VPN etc >http://www.vmware.com/pdf/vshield_50_quickstart.pdf .If you have plans to implement Vcloud ,certainly a great step

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

TheDig · ‎02-20-2013

Sreec, thanks for response. Licensing cost of vShield is high, and I don't want to spend that much. My VMs running some applications uses Tomcat, and somehow cause of vulnerability. Customer will be able to upgade Guest OS and application in October 2013.

I have another DMZ Cluster in the same VC, and planning to isolcate VMs creating a seperate vSwith, that will use VLAN from DMZ network.

What you say on this?

Thanks,

Daksh

Sreec · ‎02-20-2013

Hi Daksh,

Yes,you are right VSM requires a Distinct license

1) I have another DMZ Cluster in the same VC, and planning to isolcate VMs creating a seperate vSwith, that will use VLAN from DMZ network.

What you say on this?

That should certainly work,also please do check http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf

2)My VMs running some applications uses Tomcat, and somehow cause of vulnerability. Customer will be able to upgade Guest OS and application in October 2013.

Hope we are sure that fix for Vulnerability is >Upgrade Guest O/S and apps?

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

All

Put VMs behind firewall