VM Host with guests on the Internal and DMZ networks

Security Folks,

We want to have a VMWare
host (VMWare Server) that has guest systems on the DMZ and Internal
LAN. To accomplish
this the host would have two interfaces, one on each network. Is this
a really bad idea from a security perspective? What are some ways to
mitigate the risks?


Relevant Pages

  • Re: ICS questions and confusion
    ... >>> has to be another subnet altogether. ... WHY does the LAN connection that connects my router to the ... >>host have to be on a different subnet than the 192.168.0.x one? ... >>where is that documented in all the how-to's on ICS, ...
  • Re: router causing ssh etc. slowdown?
    ... >> port on their public IP from a host on their own LAN. ... Let's say host A starts a TCP connection from its ... The router sends the SYN packet to ...
  • Re: how to "join" LAN with plip link?
    ... PLIP howto) about a real case on how I have made a plip connected host ... looking like on the LAN. ... Then I test the proxy-arp by ... LAN (or client), or you need to configure the server to do 'proxy-ARP'. ...
  • Re: authentication of multiple users for one mail server
    ... Regarding the value for "system mail name", in retrospect it does ... "system" name (i.e., the domain of a host on a LAN), but the ... happened to have the same domain name before the LAN was set up. ...
  • Re: Suggestions for Firewall/Port selection hardware box
    ... > I have a small LAN that currently sits behind a NAT connected to a DSL ... > mail server ports, web hosting port and several "custom" ports for my ... > have a DMZ port - but I do not think that this allows me to control the ... forward host is still connected to your internal LAN, ...