My virtual firewall

Using the previously described vSphere lab, I created a dedicated ipcop firewall as a virtual machine to secure my home networks.


Published in: Technology
Transcript

  • 1. My Virtual Firewall by Brian Drew
    Last time I shared my home vSphere environment that I use to test and train on. I got a lot of positive feedback and wanted to follow up with my virtual firewall configuration.
    Prior to implementation I had a Comcast cable modem and Windows firewall on each PC. That was the extent of it and I knew better. I needed something stronger.
  • 2. Agenda
    Overview
    Before and After
    Physical and Logical Components
    Next Steps
    As always, the information contained within is not meant to be an exhaustive how-to manual but rather represents what I used to build a secure network using my virtual lab.
    I used IPCOP, an Open Source solution, on a virtual machine. The only “stickler” is the network config but that is easy too. The end result is a decent, dedicated firewall and a little extra learning to boot.
  • 3. Overview
    I feel good about the IPCOP solution. I might give Microsoft Forefront Threat Management Gateway a try when I get some free time but for now I’m satisfied.
    I thought it worth showing before and after pics to get the overall gist of things.
    This is the BEFORE…..
  • 4. After - Physical
    By using that 3rd NIC in each HP ProLiant MicroServer I was able to create the required environment.
    Caveat – notice the un-used on-board NIC on the other ESXi host.
  • 5. After - logical
    In vSphere the networking looks like this on both hosts. I did not use vDS this first time around.
    Notice the ipcop VM is on 2 virtual switches
    The corresponding physical connections are then made
  • 6. It’s beautiful
    The ipcop server is set as the default gateway now for all devices on that LAN segment.
    All packets must go through the firewall inbound and outbound.
    Security is now up to the configuration of ipcop.
    To me that is a LOT better than having individual firewalls on each and every virtual machine.
    Make sure to turn them all off if you go this route.
    You still need anti-virus.
  • 7. Next Steps
    Go through ipcop documents and button things up if desired
    Other services that can be enabled include DHCP, NTP and Intrusion Detection – all are already “in the box” waiting to be enabled.
    I use all the services now – point ESXi servers at it for NTP. The Intrusion Detection is particularly interesting.
    Back to that unused network port. Regretfully, since I don’t have sophisticated equipment at home, when an ESXi host failure occurs, I need to move the cross-over cable to the other, live ESXi host. Everything else will take care of itself.
    THE END
