Exam Prep for 70-659 Part 3: Configuring Virtual Networks and VLAN Security
As I wrote ain an earlier post, there is no better time to write your exam for 70-659 Windows Server 2008 R2, Server Virtualization, than now and particularly before May 31, 2012. So to aid in that endeavour, Joseph Yedid, an IT specialist with Enhansoft in Ottawa, has put together a series of posts focused on getting IT folk ready to pass this exam. Joseph writes his blog at www.josephyedid.com but has allowed me to repost this series here.
Configuring Virtual Networks and VLAN Security
In this section we will cover Virtual Networks and VLAN Security.
Hyper-V Manager allows for MAC address ranges to be set to dynamically and be assigned to VMs. This can be found in the Virtual Networks page, Global Network Settings option.
Network locations are usually determined by Network Location Awareness. However this can be overridden and needs to be done for ESX hosts. You will need to open the properties page of the host; choose the Hardware tab and choose a network adapter for which you want to configure. On the properties page, choose the Override discovered network location check box, then enter a new location in the text box. You can also set a network tag, under the Networking tab. Network tags help in distinguishing multiple virtual switches on the same logical network.
When it comes to VLANS, there are 2 places that you can configure the VLAN settings. The first is in the settings of the VM in the properties of the VM’s network adapter. This is an individual VM setting.
The second place is in the Virtual Network Manager. This is a global VLAN setting for all VMs connected to the same virtual network.
VLAN Security can be achieved by isolating the host and VM networks’ physical network security; for example using a dedicated NIC for host management, and using VLAN tagging.
The Virtual Network Manager is where you configure the network settings for VMs. There are 3 types of networks you can setup: External, Internal, or Private. External gives the VM access to everything. Internal restricts VM access to only the host and other VMs for internal communications. Private restricts VM access to private communications only with other VMs. For both Internal and Private settings there is no external communications outside the VMs.
Joseph Yedid is an IT specialist working at Enhansoft a company based in Ottawa, Canada, that develops products and services to extend the value of System Center Configuration Manager 2007 (SCCM) and System Center Configuration Manager 2012. He is an avid user of technology and is certified in many areas of Microsoft infrastructure technologies. He is MCTS and MCITP certifed - Windows Server 2008 and Microsoft Vista/Windows 7. Other interests revolve around virtualization technologies, System Center and Private Cloud. Joseph is a member and on the executive of the Ottawa Windows Server User Group.