VMware Cloud Community
buckadmin
Contributor
Contributor

GSX and DMZ VM's Strategy

Hello,

I am relatively new to VM but have a couple GSX instances in my environment. I'd like to leverage the GSX server we have to host DMZ machines along with the internal VM's already running. I have researched quite a bit and found that this can be done successfully with ESX, but I haven't found anything about GSX.

What I am considering is using one of the two NIC's dedicated to the DMZ and the other to internal traffic, then pointing the DMZ VM's the correct NIC. I know this poses a security risk with the host OS. Has anybody done this, and is there a way to do this securely?

Thanks for all you help in advance.

- j.boomer

Reply
0 Kudos
2 Replies
TomHowarth
Leadership
Leadership

from a security point of view I would say no do not even consider this on any hosted VMware product (workstation, Server, Player, Fusion or GSX), all the known VMware vulnerabilities have been found on the hosted platforms. you are just inviting trouble if you cross the security divide on the same host.

It can be done but Personally I would not take the risk with production servers. also GSX as a product is end of life, I would consider replacing this with the free VMware server or look to upgrading to ESX as the earliest convenient point in time

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
Reply
0 Kudos
buckadmin
Contributor
Contributor

Tom,

I appreciate the response. I do have VMware Server instead of GSX, along with a bad habit of calling it by the old name.

Other research I have done has shown the same results. Your reply closes the door on any more thoughts in that direction. Thanks,

- j.boomer

Reply
0 Kudos