Re: [fw-wiz] VMware (or else) in different areas/dmz

From: Attila Nagy (bra@fsn.hu)
Date: 01/29/03


From: Attila Nagy <bra@fsn.hu>
To: Siebenkaes Stefan <Stefan.Siebenkaes@itellium.com>
Date: Wed Jan 29 09:10:38 2003

Hello,

> But now, "they" begin to intermix the zones, the VMware-machine is
> inside (LAN) and services 4 webservers in different zones, some
> mail-gateways and so on. So physically the different zones are now
> connected. Logically, they are separated, because there's no (known!?)
> inter-virtual-machine-communication.
I have the same setup here (although there is no need for high security)
in the following way:
The host machine has two or more real NICs, each of them connected to
the switch which serves the given network.
The host OS has "no network connection", which means the interfaces don't
have IP (nor anything else) addresses, there is no bridging, etc.

In VMware the given virtual machines are bound to the given NICs.

Of course if there's a bug in VMware (which is likely), you can override
this, but it may be suitable for many places...

----------[ Free Software ISOs - http://www.fsn.hu/?f=download ]----------
Attila Nagy e-mail: Attila.Nagy@fsn.hu
Free Software Network (FSN.HU) phone @work: +361 210 1415 (194)
                                                cell.: +3630 306 6758
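
A check for the host-side half of this setup, as an added example that is not part of the original message: it parses `ip -o addr show` and `ip -o link show` output and reports any NIC reserved for guests that carries a host address (including an autoconfigured IPv6 link-local one) or is a member of a host bridge. The interface names, the trimmed sample output and the assumption of a Linux host with iproute2 are not from the message.

```python
import re

# Constructed, trimmed samples of `ip -o addr show` / `ip -o link show` output.
SAMPLE_ADDR = "\n".join([
    "1: lo    inet 127.0.0.1/8 scope host lo",
    "3: eth1    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link ",
    "4: eth2    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth2",
])
SAMPLE_LINK = "\n".join([
    "1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN",
    "2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP",
    "3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP",
    "4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP",
    "5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP",
])

ADDR_RE = re.compile(r"^\d+:\s+(\S+)\s+(inet6?)\s+(\S+)")
LINK_RE = re.compile(r"^\d+:\s+([^:@\s]+)(?:@\S+)?:\s+<[^>]*>(.*)$")

def audit_guest_nics(guest_nics, addr_out, link_out):
    """Return sorted (nic, finding) pairs for NICs that should be guest-only."""
    guest_nics = set(guest_nics)
    findings, seen = set(), set()
    # Any inet/inet6 line means the host stack is reachable on that segment.
    for line in addr_out.splitlines():
        m = ADDR_RE.match(line)
        if m and m.group(1) in guest_nics:
            findings.add((m.group(1), f"host has {m.group(2)} address {m.group(3)}"))
    # A "master" attribute means the host bridges this NIC with something else.
    for line in link_out.splitlines():
        m = LINK_RE.match(line)
        if not m or m.group(1) not in guest_nics:
            continue
        seen.add(m.group(1))
        master = re.search(r"\bmaster\s+(\S+)", m.group(2))
        if master:
            findings.add((m.group(1), f"member of host bridge {master.group(1)}"))
    # A reserved NIC missing from the link list is itself worth a look.
    for nic in guest_nics - seen:
        findings.add((nic, "interface not present"))
    return sorted(findings)

if __name__ == "__main__":
    for nic, finding in audit_guest_nics(
            ["eth0", "eth1", "eth2", "eth3"], SAMPLE_ADDR, SAMPLE_LINK):
        print(f"{nic}: {finding}")
```

On a live host, pass the real command output in place of the samples; an empty result means no reserved NIC is addressed or bridged by the host OS.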