VMware Cloud Community
JKevinezz
Contributor

Network Isolation

Good day all,

The scenario is that the client wants us to leverage the corporate ESX environment that houses production servers and is on the production network. The issue is, how do we isolate the network traffic of our lab virtual machines, which are on the same hardware/farm as production servers, so that we do not bring down production eDir, AD, NT, etc.? Unfortunately, there is no room for error!


Accepted Solutions
esiebert7625
Immortal

You can create Internal Only vSwitches (no NIC assigned to it) that you can attach your VMs to. Network traffic stays on that vSwitch, and any VMs not attached to that vSwitch will not see the VMs that are attached. You can also create separate vSwitches for your lab that connect to a certain NIC on ESX that connects to an isolated physical switch on your network.

7 Replies
juchestyle
Commander

Create a virtual switch for just your production VMs, and create another virtual switch just for your test/dev environment. You could even create separate VLANs for each group as well.

Respectfully,

Kaizen!

juchestyle
Commander

Make sure your physical NICs don't exist in both vSwitches also.

Respectfully,

Kaizen!

Rumple
Virtuoso

If you need to transfer files between the production and lab network, then you can take an XP VM, leave it in a workgroup, and then use that VM to bounce between prod and lab to map and copy files as required.

juchestyle
Commander

To clarify what I think Rumple is saying: You could assign 2 NICs to the XP box, one from each network, so that it could communicate back and forth.

Respectfully,

Kaizen!

murreyaw
Enthusiast

Or make it all virtual, and use VLAN trunking to each NIC. Put all the VMs on the vSwitches with the appropriate tags.

esiebert7625
Immortal

Or, to be even safer and more isolated so you are not bridging networks, you could use one NIC for a workstation, assign it to the one vSwitch, copy the files you need to transfer to it, and then move it to the other vSwitch.

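An added example, not part of any post in this thread: a small Python audit of the checks the replies describe (no physical NIC backing two vSwitches, lab and production never sharing the same NIC and VLAN, and any VM with NICs on both sides flagged for review). The inventory is constructed and every vSwitch, port group, NIC and VM name in it is hypothetical.

```python
from itertools import combinations

# Constructed inventory with hypothetical names; not taken from a real host.
VSWITCH_UPLINKS = {
    "vSwitch0": ["vmnic0"],      # production uplink
    "vSwitchLab": [],            # internal-only: no physical NIC
    "vSwitchDev": ["vmnic0"],    # mistake: reuses the production NIC
    "vSwitchTrunk": ["vmnic1"],  # trunked uplink carrying tagged VLANs
}
# port group -> (vSwitch, VLAN ID, zone); VLAN 0 means untagged
PORTGROUPS = {
    "Prod": ("vSwitch0", 0, "prod"),
    "Lab-Internal": ("vSwitchLab", 0, "lab"),
    "Lab-Dev": ("vSwitchDev", 0, "lab"),
    "Prod-V10": ("vSwitchTrunk", 10, "prod"),
    "Lab-V20": ("vSwitchTrunk", 20, "lab"),
}
VM_NICS = {  # VM -> port groups its virtual NICs attach to
    "prod-dc01": ["Prod"],
    "lab-dc01": ["Lab-Internal"],
    "xp-transfer": ["Prod", "Lab-Internal"],  # dual-homed transfer box
}

def audit(uplinks, portgroups, vm_nics):
    """Return sorted (finding, subject) tuples for lab/prod isolation gaps."""
    findings = set()
    # A physical NIC should back only one vSwitch.
    for a, b in combinations(sorted(uplinks), 2):
        for nic in set(uplinks[a]) & set(uplinks[b]):
            findings.add(("nic-in-two-vswitches", f"{nic}: {a}, {b}"))
    # Lab and prod must not share the same (physical NIC, VLAN) segment.
    segments = {}
    for vswitch, vlan, zone in portgroups.values():
        for nic in uplinks[vswitch]:
            segments.setdefault((nic, vlan), set()).add(zone)
    for (nic, vlan), zones in segments.items():
        if len(zones) > 1:
            findings.add(("shared-segment", f"{nic} vlan {vlan}"))
    # A VM with NICs in both zones can bridge them.
    for vm, groups in vm_nics.items():
        if len({portgroups[g][2] for g in groups}) > 1:
            findings.add(("dual-homed-vm", vm))
    return sorted(findings)

if __name__ == "__main__":
    for kind, subject in audit(VSWITCH_UPLINKS, PORTGROUPS, VM_NICS):
        print(f"{kind}: {subject}")
```

The internal-only vSwitch and the trunked uplink with distinct VLAN tags produce no findings; the reused production NIC and the dual-homed transfer VM do.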