Re: VMware (or else) in different areas/dmz

[Attila Nagy <bra () fsn hu>]

Hello,

> But now, "they" begin to intermix the zones, the VMware-machine is
> inside (LAN) and services 4 webservers in different zones, some
> mail-gateways and so on.  So physically the different zones are now
> connected. Logically, they are separated, because there's no (known!?)
> inter-virtual-machine-communication.
I have the same setup here (although there is no need for high security)
in the following way:
the host machine has two or more real NICs, each of them is connected to
the switch which serves the given network.
The host OS has "no network connection", which means the interfaces don't
have IP (nor anything else) addresses, there is no bridging, etc.

In VMWare the given virtual machines are bound to the given NICs.

Of course if there's a bug in VMWare (which is likely), you can override
this, but it may be suitable for many places...

----------[ Free Software ISOs - http://www.fsn.hu/?f=download ]----------
Attila Nagy                                     e-mail: Attila.Nagy () fsn hu
Free Software Network (FSN.HU)            phone @work: +361 210 1415 (194)
                                                cell.: +3630 306 6758
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards