VMware Horizon Community
AnthonyChow
Hot Shot
Hot Shot

Virtual desktop running on ESX/ESXi

Today, my boss asked me when we run virtual desktop on the ESX how do we prevent vdestop A from snooping vdesktop B since they are running on the same hypervisor?  Does each virtual desktop has it own VLAN?

Is there some document that I can read up on this? (I am sure there will be but being new to this I am hoping someone can give me some pointer so that I can get to the answer quickly).

Thanks and have a nice day,

anthony.

Reply
0 Kudos
4 Replies
a_p_
Leadership
Leadership

.. how do we prevent vdestop A from snooping vdesktop B since they are running on the same hypervisor

What are you currently doing to prevent from this in your physical LAN? Does every desktop run in a separate VLAN?

In ESXi the virtual machines are connected to a virtual switch, so there's not much difference between virtual and physical systems.

You may want to take a look at http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf to see how the virtual network works and what can be configured.

André

Baddos
Enthusiast
Enthusiast

By default the virtual switch will not show the other vm's traffic. It is just like a hardware switch but in software. You however can configure it otherwise, but you would have to actually set it up that way.

EGarbuzov
VMware Employee
VMware Employee

In addition, (for your boss assurance Smiley Happy) may be you can use Private VLAN in isolatead state for each desktop vm.

Isolated – A node attached to a port in an isolated secondary PVLAN may only send to and receive packets from the promiscuous PVLAN.

Reply
0 Kudos
AnthonyChow
Hot Shot
Hot Shot

Thanks everyone for your pointers.

Have a nice day.

Reply
0 Kudos