Thursday, September 17, 2020

Isolate servers into groups

Hello All,

Need to pick your brains on how things are done these days...

How to segment/isolate servers into groups? The reason is, should one server become infected by malware etc., not to pass this down the chain.

Have 90 VM servers on 5 ESXi hosts; all have the same VLANs (15 in all). None have the Microsoft FW enabled. It became unmanageable so they dropped it. Looked into NSX; company could not afford it. From a Cisco (100% used here) or another vendor point of view, what can be done?

Are ACLs between hosts (ACL between hosts on the same VLAN possible?) still the norm?

If ACLs, I would find it difficult to identify the traffic required (no visibility of internal traffic) and would likely block good traffic.

Open to other technologies or ways of doing things.

- ACL??

- Divide servers into groups based on what??

- Drop a firewall; can it be used on a host-to-host basis??

Please could you help? Any info appreciated.

Jas


