VMware Cloud Community
gaadmin
Contributor
Contributor
‎06-21-2011 05:01 AM

Architectural question

Hi all,

I have a question regarding the overall architecture of vCloud and recommendations on a way forward.

I have a requirement to use vCloud to build network (vlan) separated test and development environments. Security stipulates that the vApps should not be accessible from the LAN, that is to say, we don't want end users copying files to the vApps directly.

My question revolves around how one works around that requirement, when the vApps themselves most likely need software and other files copied to them. At the moment, the best I can think of is to create a standalone VM on the org internal network that is connected to the external (LAN) and multi-home it so that users can push files through that server to their various vApps. Is that a sensible way to go?

This solution would preclude the copying of data for vApps that are fenced, but that's not something we're likely to need.

Any direction/suggestions would be appreciated.

TIA.

0 Kudos
2 Replies
cfor
Expert
Expert
‎06-23-2011 06:48 AM

Trying tro get my head around your question...  Why do you not want users being able to copy files directly to the vApps?  I only ask this in order to help find a solution...

For example would this be ok (and why if direct copy is not allowed).

vapp ---- read_access ---> filestore  <--- write/read --- client_systems

I assume the filestore could have security software to watch was was transferred, and that is a little more complex for clients.

We have some test setups that have similar secure needs, one approach we have taken (but has some on purpose limitations):

vApp can mount media from a catalog on vCloud - only some approved users can place media in that catalog.  This makes it possible to get approved files to the vApps but keeps other things out.  (For these systems as they are vApps they are run wit ha very short life cycle, weeks not longer - meant for quick one0off tests).

Hope that helps some, if you can provide a little more data on reasons around the file copy limitation I might be able to toss a few more ideas out.

ChrisF (VCP4, VCP5, VCP-Cloud) - If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
0 Kudos
guitzer
Contributor
Contributor
‎06-23-2011 07:01 AM

Dear Sender:

I will be Out Of Office by Jun 23, 2011. I will get back to you ASAP when return.

Regards

0 Kudos