Re: ESX Vmware Physically connected to different segments

["Kurt Buff" <kurt.buff () gmail com>]

Ah.

I misunderstood your business.

In a situation like this, I don't think you have a choice, though I
don't have enough experience in such a situation to comment
coherently.

I was envisioning the servers being at the client site, and that you
were using virtualization for hosts that were both in the DMZ and the
internal network(s), and that's what I was preaching against.

Kurt

On Jan 28, 2008 1:02 PM, David M. Zendzian <dmz () dmzs com> wrote:
> Just the fact that we mix customers in a virtual environment creates a
> similar risk. We aren't able to offer a dedicated host for every
> customer who wants a virtual environment, that would defeat the purpose
> of virtualization.
>
> Maybe I missed part of the earlier discussion, and I'm always ready to
> look at other ways of approaching the problem. Other than dedicated
> hosts for each customer, what would you suggest a basic design be to
> provide what you are describing?
>
> David
>
>
> Kurt Buff wrote:
> > Sorry, hit send too quickly. More below:
> >
> > On Jan 28, 2008 12:32 PM, David M. Zendzian <dmz () dmzs com> wrote:
> > <snip>
> >
> > > The only way to be secure is to unplug, the rest of us have to work for
> > > a living :)
> >
> > There are other ways of hosting internet-exposed sites, and I believe
> > you are doing your customers a disservice by mixing domains in this
> > fashion, which (IMHO) exposes them to unnecessary risk.
> >
> > Kurt

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------