Secure VMware vSphere HomeLab Networking
•Als PPTX, PDF herunterladen•
0 gefällt mir•890 views
While re-building my VMware vSphere home lab I implemented VLAN, firewall and vSphere networking concepts to create a very secure solution.
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Empfohlen
Empfohlen (20)
Secure VMware vSphere HomeLab Networking
- 1. VMWARE VSPHERE 5.1 HOMELAB Secure Networking
- 2. OVERVIEW Objectives Network Diagram vSphere Network The Video If Slideshare doesn’t accommodate the video, see it my blog @ http://dailyioreport.com/2013/01/15/secure-vmware-vsphere-home-lab-networking/
- 3. OBJECTIVES Create 2 isolated zones, a Green Zone for internal devices and a Red Zone for Internet traffic, that cannot communicate with one another in any way. Use an OpenSource firewall to allow Green Zone outbound traffic to reach the Internet via the Red Zone while preventing all Red Zone traffic from entering the Green Zone except that in response to Green Zone sources. Use vSphere networking to facilitate as much as possible Deploy the firewall as a VM Use low-cost and or free components.
- 4. NETWORK DIAGRAM All Green Zone outbound traffic flows through Firewall “straddles” firewall .01 address VLAN 2 & 3 which is set for all as the default gateway
- 5. VSPHERE NETWORK Green Zone – VLAN 3 Firewall “straddles” VLAN 2 & 3 Red Zone – VLAN 2
- 6. VSPHERE SECURE LAB NETWORK VIDEO
Hinweis der Redaktion
- My Lab Hardware – quick review of that for contextThe Install – start the install itself
- I found 2 2716 (only found Visio for the 2816) on ebay for around $60 or so each. They provide VLAN, LAG, QoS and other services in a small, low-cost form factor. They aren’t made any more so need to find them used online.
- The vSphere networking is meant to mimic and/or leverage the physical world as much as possible to facilitate design objectives. With 4 network ports in each esxi host, 2 vSwitches can be deployed with load-balanced, fail-over networking to each. The vSwitches have their own inherent security aspects and help to ensure communication doesn’t flow from one to the other.