[unisog] DMZ and Non DMZ using sharing VM infrastructure

Paul Guarino pguarino at suffolk.edu
Tue Aug 4 18:08:04 GMT 2009


Wanted to get a feel for what others are doing with regards to the DMZ and


I am under the stance that DMZ and Non-DMZ host should not share the same vm
hosts among other things, but at least;


Isolate ALL Storage Networks from DMZ VMs 

Separate LUNs

Use separate virtualization hosts for DMZ VMs  

Keep VMotion, SC, and storage networks out of the DMZ

Do not mix security zones on the same vSwitch


I am curious how others are handling the DMZ and non-DMZ VMs. Please let me





Paul Guarino

Suffolk University






This E-mail message is confidential, intended only for the recipient(s)
named above and may contain information that is privileged, exempt from
disclosure under applicable law. If you have received this message in error,
or are not the named recipient(s), please immediately notify the sender by
return email or by calling (617) 573-8523, and delete this message from your
computer. Thank you.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sans.org/pipermail/unisog/attachments/20090804/0c47d72c/attachment.htm 

More information about the unisog mailing list