VMware Cloud Community
varu2011
Contributor
Contributor
‎01-04-2013 02:44 PM

DMZ VMs sharing the same internal server storage volume

Hi,

I would like your input on DMZ VMs sharing storage volumes with the internal systems. Is there a security risk associated with this? If so, please point me to the best practice document, if any available.

Thanks

Reply
0 Kudos
2 Replies
vmroyale
Immortal
Immortal
‎01-08-2013 11:01 AM

Hello and welcome to the communities.

Can you elaborate on the actual setup? Are you talking about both internal and external ESXi hosts using the same shared storage?

The following resources might be helpful:

http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf

http://communities.vmware.com/docs/DOC-19605

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com
Reply
varu2011
Contributor
Contributor
‎01-08-2013 01:56 PM

In our case, both internal and external(DMZ) VMs share the same volumes or data stores within NetApp. Those volumes are setup with different replication schedules and for ease of management, some volumes are being shared with VMs from different trust zones. I am concerned with the security risk associated with shareing volumes. With appropriate controls, sharing same storage appliance is acceptable, but I concerned with sharing a volume. I need some support to validate my point. Is there a specific best practice document to address this?

Reply
0 Kudos