Hi everybody!
Long time no see. Now I have to return to the virtual project with VMware ESXi, in which I'm just a newbie, and I need your help.
I'm struggling, not knowing how to create a security layer for all my production VMs without any additional costs.
As follows, I have one strong server with 2 pNICs:
+ one pNIC I use for the management network; this line is in the secure LAN zone at my office, no worries about it
+ the remaining pNIC is connected directly to the Internet and I use it for the many production VMs that I have configured:
- I created an Internet vSwitch with this pNIC and put 2 webserver VMs on it; each VM has a public IP, e.g. 203.181.91.x and 203.181.91.xx
- I created a LAN vSwitch with no adapter and put 2 DB server VMs on it; each VM has a private IP, e.g. 192.168.1.x and 192.168.1.xx
- Of course, on the 2 webservers, I created additional LAN vNICs to connect to the DB servers, and they are running well
But now, putting the webservers directly on the Internet is not ideal, so I think I need a security layer for this, and a firewall VM can be a choice.
This VM can be a Linux box, where I'm very familiar with iptables, Snort... but I can't find the way to configure it so that this Linux box can handle all traffic from the 2 public IPs of the webservers.
My idea is building a security box that sits in front of the 2 webservers.
So, if anybody has experience with this situation, please guide me through the setup.
Thanks so much!