70-659 Exam Prep Part 3

Configuring Virtual Networks and VLAN Security

In this section we will cover Virtual Networks and VLAN Security.

Hyper-V Manager allows for MAC address ranges to be set to dynamically and be assigned to VMs. This can be found in the Virtual Networks page, Global Network Settings option.

Network locations are usually determined by Network Location Awareness. However this can be overridden and needs to be done for ESX hosts. You will need to open the properties page of the host; choose the Hardware tab and choose a network adapter for which you want to configure. On the properties page, choose the Override discovered network location check box, then enter a new location in the text box. You can also set a network tag, under the Networking tab. Network tags help in distinguishing multiple virtual switches on the same logical network.

When it comes to VLANS, there are 2 places that you can configure the VLAN settings. The first is in the settings of the VM in the properties of the VM’s network adapter. This is an individual VM setting.

pic1

The second place is in the Virtual Network Manager. This is a global VLAN setting for all VMs connected to the same virtual network.

pic2

VLAN Security can be achieved by isolating the host and VM networks’ physical network security; for example using a dedicated NIC for host management, and using VLAN tagging.

The Virtual Network Manager is where you configure the network settings for VMs. There are 3 types of networks you can setup: External, Internal, or Private. External gives the VM access to everything. Internal restricts VM access to only the host and other VMs for internal communications. Private restricts VM access to private communications only with other VMs. For both Internal and Private settings there is no external communications outside the VMs.

Comments are closed.