My virtual firewall

Using the previously described vSphere lab, I created a dedicated ipcop firewall as a virtual machine to secure my home networks.

Published in: Technology

Transcript

  • 1. My Virtual Firewall, by Brian Drew
    Last time I shared my home vSphere environment that I use to test and train on. I got a lot of positive feedback and wanted to follow up with my virtual firewall configuration.
    Prior to implementation I had a Comcast cable modem and Windows firewall on each PC. That was the extent of it and I knew better. I needed something stronger.
  • 2. Agenda
    Overview
    Before and After
    Physical and Logical Components
    Next Steps
    As always, the information contained within is not meant to be an exhaustive how-to manual but rather to represent what I used to build a secure network using my virtual lab.
    I used IPCOP, an Open Source solution, on a virtual machine. The only “stickler” is the network config but that is easy too. The end result is a decent, dedicated firewall and a little extra learning to boot.
  • 3. Overview
    I feel good about the IPCOP solution. I might give Microsoft Forefront Threat Management Gateway a try when I get some free time but for now I’m satisfied.
    I thought it worth showing before and after pics to get the overall gist of things.
    This is the BEFORE…
  • 4. After - Physical
    By using that 3rd NIC in each HP ProLiant MicroServer I was able to create the required environment.
    Caveat – notice the unused on-board NIC on the other ESXi host.
  • 5. After - Logical
    In vSphere the networking looks like this on both hosts. I did not use vDS this first time around.
    Notice the ipcop VM is on 2 virtual switches.
    The corresponding physical connections are then made.
  • 6. It’s beautiful
    The ipcop server is set as the default gateway now for all devices on that LAN segment.
    All packets must go through the firewall inbound and outbound.
    Security is now up to the configuration of ipcop.
    To me that is a LOT better than having individual firewalls on each and virtual machine.
    Make sure to turn them all off if you go this route.
    You still need anti-virus.
  • 7. Next Steps
    Go through the ipcop documents and button things up if desired.
    Other services that can be enabled include DHCP, NTP and Intrusion Detection – all are already “in the box” waiting to be enabled.
    I use all the services now – point ESXi servers at it for NTP. The Intrusion Detection is particularly interesting.
    Back to that unused network port. Regretfully, since I don’t have sophisticated equipment at home, when an ESXi host failure occurs, I need to move the cross-over cable to the other, live ESXi host. Everything else will take care of itself.
    THE END
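
The design on slides 5 and 6 only holds if the ipcop VM is the sole machine on both virtual switches and every LAN device uses it as default gateway. The check below is an added example, not part of the original slides: it audits a constructed inventory against those two rules, and the vSwitch names, VM names (other than ipcop) and addresses are all assumptions.

```python
import ipaddress

# All names and addresses below are constructed for illustration.
FIREWALL_VM = "ipcop"            # firewall VM name as used in the slides
WAN_SWITCH = "vSwitch-WAN"       # hypothetical: vSwitch uplinked to the cable modem
LAN_SWITCH = "vSwitch-LAN"       # hypothetical: vSwitch for the protected segment
LAN_NET = ipaddress.ip_network("192.168.10.0/24")
FIREWALL_LAN_IP = ipaddress.ip_address("192.168.10.1")

# Constructed inventory: vSwitch attachments, LAN address and default gateway per VM.
INVENTORY = [
    {"vm": "ipcop", "switches": ["vSwitch-WAN", "vSwitch-LAN"],
     "ip": "192.168.10.1", "gateway": None},
    {"vm": "vcenter", "switches": ["vSwitch-LAN"],
     "ip": "192.168.10.20", "gateway": "192.168.10.1"},
    {"vm": "testvm1", "switches": ["vSwitch-LAN"],
     "ip": "192.168.10.31", "gateway": "192.168.10.254"},
    {"vm": "labvm2", "switches": ["vSwitch-WAN", "vSwitch-LAN"],
     "ip": "192.168.10.32", "gateway": "192.168.10.1"},
]


def audit(inventory):
    """Return (vm, problem) pairs where the inventory departs from the design."""
    findings = []
    if sum(1 for vm in inventory if vm["vm"] == FIREWALL_VM) != 1:
        findings.append((FIREWALL_VM, "expected exactly one firewall VM"))
    for vm in inventory:
        name, switches = vm["vm"], set(vm["switches"])
        if name == FIREWALL_VM:
            # The firewall is the only VM allowed to straddle both vSwitches.
            if switches != {WAN_SWITCH, LAN_SWITCH}:
                findings.append((name, "firewall not on both WAN and LAN vSwitches"))
            continue
        if WAN_SWITCH in switches:
            # Any other VM on the WAN side has a path around the firewall.
            findings.append((name, "attached to WAN vSwitch"))
        if LAN_SWITCH in switches:
            if ipaddress.ip_address(vm["ip"]) not in LAN_NET:
                findings.append((name, "address outside LAN segment"))
            gw = vm["gateway"]
            if gw is None or ipaddress.ip_address(gw) != FIREWALL_LAN_IP:
                findings.append((name, "default gateway is not the firewall"))
    return findings


if __name__ == "__main__":
    for vm, problem in audit(INVENTORY):
        print(f"{vm}: {problem}")
```

In practice the inventory would be exported from vSphere rather than typed in; the same rules apply to both ESXi hosts.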
