Announcement

Collapse
No announcement yet.

Dedicated Server Advice.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dedicated Server Advice.

    Hi,

    I have recently rented a single dedicated server. It's internet facing with a handful of IPv4 addresses available.

    I would like to setup a visualized exchange environment/domain controller (new domain). The server comes pre-installed/licensed for Server 2012 Datacenter Edition. So I know I'm OK to setup various hyper-v VM's for the EX and DC servers.

    My concerns are that there is no hardware firewall in front of this box that I can administer myself. Therefore, I was thinking about whether I could do something funky with the visualization host with firewall/NAT/routing etc. Could it act as the firewall protection for the VM's it hosts?

    Any advice would be great.

  • #2
    Re: Dedicated Server Advice.

    You might look into virtual firewalls. I know that Cisco has a virtual ASA but I believe it's for VMware only at this moment...
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Dedicated Server Advice.

      Thanks. So as I understand it; I could do something with virtual switches whereby

      Hypervisor (Basic windows firewall, no services running apart from Hyper-V)

      |

      Hyper-V Virtual Firewall (Two network cards, one external, one internal)

      |

      Exchange and DC. (Internal private addresses) NAT for external access.
      Would a debian based firewall work for the virtual firewall. Thinking like pfsense, untangle or similar?

      Comment


      • #4
        Re: Dedicated Server Advice.

        Yeps that can be a way to look into. Yet, any dedicated firewall would still be my preferred way.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment

        Working...
        X