VMware Cloud Community
vmwarechap
Contributor

Testing VDM Security Server on a Single ESX box

Hi,

I am trying to test the security server in my test lab. I have just one ESX server and couple of nics. Any ideas, as to how can I test the security server ?

I gave a little thought to it - like I can have 2 networks, and one VM acting as a router, but still it is in a planning stage. Any ideas/suggestions will be highly appreciated.

Thanks

10 Replies
TomHowarth
Leadership

Moved to a more appropriate forum

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
Texiwill
Leadership

Hello,

If you are working on testing a VM for vulnerabilities it is always best to work within a private network. It is suggested that you create a vSwitch not connected to the outside world and place the VM in there, plus the attack VM. This way you can create a contained test environment. If you must have access to the outside world then use something like IPcop or Smoothwall to protect the outside from your attacks and the inside from the outside network.


Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education. As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
vmwarechap
Contributor

The security server is a type of VDM server. There can be 3 different types of VDM server (broker): Standard, Replica and Security server. I am trying to test the security server in a test environment.

I have an ESX box and a couple of NIC cards. The security server is installed in the DMZ. I am trying to create that scenario over here.

Any help will be highly appreciated.

Thanks

Texiwill
Leadership

Hello,

The best solution is to mimic what you are doing in real life. I would use either Smoothwall/IPcop VMs to act as your virtual firewall and place the Security Server within a VM attached to an internal (no pNIC) vSwitch. Have the vFW attached to this vSwitch and a vSwitch attached to a pNIC. This way you have duplicated nearly everything. You can also use Smoothwall to set up an Orange (DMZ) and Green (Internal) network, but I think you really only want the Orange side. Not sure.

But this is definitely doable from a vSwitch/vFW perspective. i.e.

pNIC -> vSwitch <-> vFW <-> vSwitch (DMZ)   <-> Security Server
                            <-> vSwitch (Green) <-> Pool of VMs

That is sort of what I envision. I use this type of setup to mimic reality quite a bit.


Best regards,

Edward L. Haletky

vmwarechap
Contributor

Thanks for your comments. I have downloaded Smoothwall from the internet. I created a VM and used LSI Logic for the SCSI adapter. When I try to install Smoothwall, it gives me an error message stating "no hard disk". How should I troubleshoot this problem?

Thanks

vmwarechap
Contributor

OK, BusLogic works, LSI Logic won't work. Now the installation is going on...

vmwarechap
Contributor

I am not sure how I should configure the firewall and the IP settings for the machines. I have installed the Sonicwall.

On the DMZ side (Orange), I want to keep the security server, with IP address 50.50.50.1, subnet mask 255.0.0.0. On the firewall, one of the interfaces will have IP address 50.50.50.2, mask 255.0.0.0.

The other interface will have IP address 10.0.0.1, mask 255.0.0.0. The Connection Server will have IP address 10.0.0.2, mask 255.0.0.0.

Will this configuration work? Am I missing something?

Thanks

vmwarechap
Contributor

Hi, can someone please have a look at the steps and point out where I am making a mistake.

1) Created 2 virtual switches: Orange & Green

2) Added 2 physical NIC cards

3) Created 4 VMs:

a) AD --- it has 1 vNIC

b) VDM Connection Server --- it has 1 vNIC

c) VDM Security Server --- it has 2 vNICs

d) Smoothwall - Firewall Server --- it has 2 vNICs

Now, I want to test the Security Server of VDM.

My setup:

- Security Server has 2 NIC cards with 192.x IP addresses

- Firewall has 2 NIC cards, one with a 192.x IP address and the other one with a 10.x IP address

- The VDM Connection Server has 1 NIC card with a 10.x IP address.

But this setup is not working. Any ideas/suggestions?

Thanks

Texiwill
Leadership

Hello,

I think you need to consider everything you are doing from the beginning. I also think you misunderstood how Smoothwall does its work.

A) Smoothwall governs what happens between the Orange and the Green Network by configuring the pinholes you need to get data between those networks.

If your VDM server is going to bypass this you need to understand how it does that. Go to the smoothwall web interface to configure this.

B) Where are all the vNICs for the VMs connected? To what vSwitches? Can you send a diagram or something that will aid in this?

C) Do you know the ports that NEED to be open to get the pool of VMs to work?

D) Does the 'Security Server' act as a firewall itself? If so then using Smoothwall is not the way to go.

I have this on my plate to install but it's a little ways off (but I can move it up). But these are all very important questions to answer before going forward. You can duplicate nearly everything using vSwitches and the virtual environment, but when dealing with any firewalls you need to know how they work internally and what configurations you need. I do not think anyone has done this quite yet, so if you would like assistance please PM me.


Best regards,

Edward L. Haletky

vmwarechap
Contributor

Thanks a lot for your offer/time to help me. I am very much grateful to you.

I have done some research and found the ports which need to be open:

1) 443 SSL connection

2) 8009 AJP

3) 4001 Java Msg Server

4) 3389 RDP

5) 389 LDAP

I have made this diagram, not professional looking, but I will need some more inputs from your side.

Thanks

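As an added example (not from the thread or from any poster), the Orange/Green addressing plan and the port list from this thread checked with Python's ipaddress module: it flags a vNIC whose address does not belong to its vSwitch's subnet, flags a reused address, and lists the firewall pinholes needed between the Security Server and the Connection Server. The subnets, addresses and ports are taken from the posts above; the VM names, function names and rule format are my own assumptions.

```python
import ipaddress

# Segments from the thread: Orange (DMZ) vSwitch and Green (internal) vSwitch.
SEGMENTS = {
    "orange": ipaddress.ip_network("50.0.0.0/8"),  # 50.50.50.x, mask 255.0.0.0
    "green": ipaddress.ip_network("10.0.0.0/8"),   # 10.x, mask 255.0.0.0
}

# vNIC placement as (vm, vswitch, address); the firewall straddles both sides.
# VM names are assumed; addresses are the ones proposed in the thread.
VNICS = [
    ("smoothwall", "orange", "50.50.50.2"),
    ("smoothwall", "green", "10.0.0.1"),
    ("security-server", "orange", "50.50.50.1"),
    ("connection-server", "green", "10.0.0.2"),
]

# TCP ports listed in the last post; the firewall opens only these, DMZ -> Green.
PINHOLES = [(443, "SSL"), (8009, "AJP"), (4001, "Java Msg Server"),
            (3389, "RDP"), (389, "LDAP")]


def check_addressing(vnics=VNICS, segments=SEGMENTS):
    """Return problems: a vNIC on an unknown vSwitch, an address outside its
    vSwitch's subnet, or an address already used by another VM."""
    problems, owner = [], {}
    for vm, vsw, addr in vnics:
        ip = ipaddress.ip_address(addr)
        net = segments.get(vsw)
        if net is None:
            problems.append(f"{vm}: unknown vSwitch {vsw}")
        elif ip not in net:
            problems.append(f"{vm}: {addr} is not inside {vsw} ({net})")
        if owner.get(addr, vm) != vm:
            problems.append(f"{vm}: {addr} already used by {owner[addr]}")
        owner.setdefault(addr, vm)
    return problems


def pinhole_rules(src_vm, dst_vm, vnics=VNICS, ports=PINHOLES):
    """Allow rules the firewall needs so src_vm can reach dst_vm on the listed
    ports. Returns [] when the two VMs already share a vSwitch, because that
    traffic never crosses the firewall (exactly what a DMZ host must not do)."""
    src = [(v, a) for n, v, a in vnics if n == src_vm]
    dst = [(v, a) for n, v, a in vnics if n == dst_vm]
    if {v for v, _ in src} & {v for v, _ in dst}:
        return []
    return [f"allow tcp {sa} ({sv}) -> {da} ({dv}) port {port}  # {svc}"
            for sv, sa in src for dv, da in dst for port, svc in ports]
```

Running `pinhole_rules("security-server", "connection-server")` yields one rule per listed port from 50.50.50.1 on Orange to 10.0.0.2 on Green; any vNIC with a 192.x address on either vSwitch shows up in `check_addressing()`.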