VMware Networking Community
rastickland
Enthusiast
Enthusiast
‎04-22-2020 07:35 AM
Jump to solution

dmz? nsx? multiple interfaces on a vm that needs external and internal communication

        there is a request in my org to have a vm (in the dmz or not) that has both internal interfaces to the network as well as public / external internet access.   The discussion internally has been straight forward as to that it needs to be done, but the question(s) has been as to best do it.   the push internally has been to go virtual with this but we have not implemented nsx yet and i am asking if the "protections" offered by nsx would be sufficient for something like this?    thoughts?

0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee
‎04-23-2020 04:38 AM
Jump to solution

For sure this is achievable. Going via the traditional way , we will have DMZ specific F/W and DC F/W for ingress and egress traffic ,assuming you have a similar connectivity model from the servers to those segments , NSX can certainly protect your workloads. How you implement the F/W and Routing is purely a design choice.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

2 Replies
Sreec
VMware Employee
VMware Employee
‎04-23-2020 04:38 AM
Jump to solution

For sure this is achievable. Going via the traditional way , we will have DMZ specific F/W and DC F/W for ingress and egress traffic ,assuming you have a similar connectivity model from the servers to those segments , NSX can certainly protect your workloads. How you implement the F/W and Routing is purely a design choice.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
rastickland
Enthusiast
Enthusiast
‎04-23-2020 06:18 AM
Jump to solution

i talked to my NSX dealer yesterday and we talked about the DMZ anywhere solution and i think that is something looks very promising as well.  Thank you for the reply!

0 Kudos