Hi,
I would like your input on DMZ VMs sharing storage volumes with the internal systems. Is there a security risk associated with this? If so, please point me to the best practice document, if any available.
Thanks
Hello and welcome to the communities.
Can you elaborate on the actual setup? Are you talking about both internal and external ESXi hosts using the same shared storage?
The following resources might be helpful:
http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf
http://communities.vmware.com/docs/DOC-19605
In our case, both internal and external(DMZ) VMs share the same volumes or data stores within NetApp. Those volumes are setup with different replication schedules and for ease of management, some volumes are being shared with VMs from different trust zones. I am concerned with the security risk associated with shareing volumes. With appropriate controls, sharing same storage appliance is acceptable, but I concerned with sharing a volume. I need some support to validate my point. Is there a specific best practice document to address this?