Questions about VMWARE Design , Nexus 1000V , DMZ and Examples

[ReMad]

Hello All

I need to convert some Physical to Virtual servers

2 ESXi's for the servers with their normal trafic

and

2 ESXi Servers will host the Servers with DMZ network

so need the following

I need some exaples which describes configuration for the first 2 esxis

and for DMZ showing configuration for DMZ network

about DMZ , what will happen when converting 1 server and how it will access the remaining physical servers if not converted yet

about upgrade manager

what is the difference of having it since the converting tool is seperate and can work without update manager installed ?

[sc302 Veteran]

Why have separate servers for the dmz? why not have separate nics for the dmz?

Once the servers are in their sand box they do not communicate with anything other than the host os.

The servers in a virtual environment are like servers in a physical environment except you have software assigning hardware vs physical presence of hardware.

You can have multiple servers hosting an array of servers, dmz, non dmz, db, etc....all of the servers will exist on a san and have no physical presence. The network is the network, nic 1 can be dedicated to your secure network and only servers 1,2, and 6 have access to that network card. Nic2 can be dedicated to your dmz and only servers 3,4,and 5 have access to that. You configure all of that through your hypervisor.

I am not sure exactly what you mean with the last question... but the servers even if virtualized have no bearing on not being able to be accessed.

[+John Teacake MVC]

Why have separate servers for the dmz? why not have separate nics for the dmz?

Once the servers are in their sand box they do not communicate with anything other than the host os.

The servers in a virtual environment are like servers in a physical environment except you have software assigning hardware vs physical presence of hardware.

You can have multiple servers hosting an array of servers, dmz, non dmz, db, etc....all of the servers will exist on a san and have no physical presence. The network is the network, nic 1 can be dedicated to your secure network and only servers 1,2, and 6 have access to that network card. Nic2 can be dedicated to your dmz and only servers 3,4,and 5 have access to that. You configure all of that through your hypervisor.

I am not sure exactly what you mean with the last question... but the servers even if virtualized have no bearing on not being able to be accessed.

Exactly!

[ReMad]

Why have separate servers for the dmz? why not have separate nics for the dmz?

Once the servers are in their sand box they do not communicate with anything other than the host os.

The servers in a virtual environment are like servers in a physical environment except you have software assigning hardware vs physical presence of hardware.

You can have multiple servers hosting an array of servers, dmz, non dmz, db, etc....all of the servers will exist on a san and have no physical presence. The network is the network, nic 1 can be dedicated to your secure network and only servers 1,2, and 6 have access to that network card. Nic2 can be dedicated to your dmz and only servers 3,4,and 5 have access to that. You configure all of that through your hypervisor.

I am not sure exactly what you mean with the last question... but the servers even if virtualized have no bearing on not being able to be accessed.

ok thanks

but i was asking about configuration

so do we need to use Private vlans for DMZ ( different Communities for different Servers ) or what exactly

could you explain some more details about Configuration

about having dmz servers different than the normal ones , this is the situation i found

i know using the servers for all can garuntee better optimization especially that they are few dmz servers compared to the other ones

for the Nexus 1000v

what will the configuration for DMZ look like ?

Thanks