undefined operator
07-29-09, 04:47 PM
Is there any downside to virtualizing a server instance to run OpenBSD
(primarily setting it up to serve as a firewall) off the same server
from which I'd also be running virtual instances of a domain controller,
a web server, email server, file server, etc?
Does it need to have its own physical box? What about adding Snort to
the mix - if I set up the OpenBSD w/Snort distro, is there any conflict
in using this instance as the firewall, too?
I'm guessing that the ideal might be to set up a separate box running
OpenBSD/Snort, and configuring it to serve as both a firewall and IDS
system - set up this box between the router and the switch - then the
switch goes out to a separate box w/VMWare Server installed, and virtual
instances for each server role - web, email, file, domain controller.
(plus the regular PCs).
Any help/hints are appreciated - I concede from the outset that I'm just
sticking my big toe into the water here, and will be prone to making
beginner errors. I guess what I'm asking boils down to a couple
questions - I know I want my web/email/file/domain controllers to be
"behind" the firewall - but can I be running all of them as a VMnet with
a virtual switch and achieve the same thing (thus running all of them
off the same machine) - or should the firewall/IDS box be physically
separate? (Is it ok to set up an OpenBSD distro for both duties?)
If both methods are possible, what are the pros and cons - are there any
security risks to running the IDS/Firewall virtually on the same
physical machine from which you're running other services - like serving
up an intranet site, etc? (I would think so, but don't know enough
about the nuts and bolts to describe why...)
Thanks in advance. Snarky comments about finding someone who knows
what they're doing will be ignored, but appreciated. This isn't meant
for a production environment - I'm setting up a home lab to try some
things out.
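As an added example that is not part of the original post and was not supplied by its author: a minimal pf ruleset for the separate OpenBSD box the post sketches (router -> OpenBSD firewall/IDS -> switch -> VMware host with the server VMs). It exposes only the web and mail ports of one server VM, NATs the LAN outward, and blocks and logs everything else so the domain controller and file server are never reachable from outside. The interface names em0/em1, the 192.168.10.0/24 LAN, the 192.168.10.10 server address, and the published ports are assumptions for illustration, as is the Snort invocation in the comments. The ruleset uses the match/nat-to/rdr-to syntax introduced in OpenBSD 4.7; the 4.x releases current when the post was written used separate nat and rdr rules instead.

```conf
# /etc/pf.conf -- added example, not from the post. Interface names, the LAN
# range, the server VM address and the service ports below are assumptions.

ext_if  = "em0"              # assumed: interface facing the router/Internet
int_if  = "em1"              # assumed: interface facing the switch and VM host
lan_net = "192.168.10.0/24"  # assumed LAN behind the firewall
srv_vm  = "192.168.10.10"    # assumed address of the web/mail server VM

# Only these TCP services on the server VM are published to the outside.
srv_ports = "{ 25, 80, 443 }"

set skip on lo
set block-policy drop

# Drop packets arriving on either interface with a source they cannot have.
antispoof quick for { $ext_if $int_if }

# Source-NAT the LAN behind the firewall's external address (OpenBSD 4.7+ form).
match out on $ext_if inet from $lan_net to any nat-to ($ext_if)

# Default deny. 'log' copies the dropped packets to pflog0 for later review.
block log all

# The firewall itself and the NATed LAN may leave toward the Internet.
pass out on $ext_if inet
# Hosts on the LAN may reach the firewall and, via NAT, the Internet.
pass in on $int_if inet from $lan_net
pass out on $int_if inet to $lan_net

# Published services are redirected to the server VM; nothing else from the
# Internet may initiate a connection into the LAN (DC and file server stay
# unreachable from outside).
pass in on $ext_if inet proto tcp to ($ext_if) port $srv_ports rdr-to $srv_vm

# Management access to the firewall from the LAN only.
pass in on $int_if inet proto tcp from $lan_net to ($int_if) port 22

# Check and load:   pfctl -nf /etc/pf.conf && pfctl -f /etc/pf.conf
# Snort sniffs the inside leg so it sees traffic after the firewall has
# filtered it (assumed paths):  snort -i em1 -c /etc/snort/snort.conf
```

Keeping the IDS sensor on the firewall's internal interface means Snort only inspects what pf actually let through, which is what you want alerts on; pointing it at em0 instead shows every probe the firewall is already dropping.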