rastickland
Enthusiast
Enthusiast

dmz? nsx? multiple interfaces on a vm that needs external and internal communication

Jump to solution

        there is a request in my org to have a vm (in the dmz or not) that has both internal interfaces to the network as well as public / external internet access.   The discussion internally has been straight forward as to that it needs to be done, but the question(s) has been as to best do it.   the push internally has been to go virtual with this but we have not implemented nsx yet and i am asking if the "protections" offered by nsx would be sufficient for something like this?    thoughts?

0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee

For sure this is achievable. Going via the traditional way , we will have DMZ specific F/W and DC F/W for ingress and egress traffic ,assuming you have a similar connectivity model from the servers to those segments , NSX can certainly protect your workloads. How you implement the F/W and Routing is purely a design choice.

Cheers,
Sree | CKA|CKAD|VCIX-3X| VCAP-4X| VExpert 5x

View solution in original post

2 Replies
Sreec
VMware Employee
VMware Employee

For sure this is achievable. Going via the traditional way , we will have DMZ specific F/W and DC F/W for ingress and egress traffic ,assuming you have a similar connectivity model from the servers to those segments , NSX can certainly protect your workloads. How you implement the F/W and Routing is purely a design choice.

Cheers,
Sree | CKA|CKAD|VCIX-3X| VCAP-4X| VExpert 5x

View solution in original post

rastickland
Enthusiast
Enthusiast

i talked to my NSX dealer yesterday and we talked about the DMZ anywhere solution and i think that is something looks very promising as well.  Thank you for the reply!

0 Kudos