Deploying the network edge on a virtual environment – Part 1

It was a while I had not posted anything here until today I decided to write a two- or three-part article (I am not still sure how many parts it is going to be composed of) on virtualization of the edge using Microsoft technologies.

With a rapid growth in the area of virtualization, one might think of virtualizing parts of the network that seemed and of course still seems pretty critical in every environment. One of those parts is the edge of the network where the internet meets the LAN or at least the perimeter network.

There is always a high number of reasons behind taking the network infrastructure all on a virtual platform but specifically for the network edge, the reasons must be strong enough to assure security because this is the part of the network which is more than the others exposed to the outside (The internet so to speak) and therefor could be affected by a number of potential attacks.

Talking about reasons, helping the environment and of course developing more Green technologies would be the most common reason behind any virtualizaion solution but here for the edge below is the answers to all those WHYs:

-Faster disaster recovery: As a systems engineer I have seen it many times when the devices sitting at the edge of the network responsible for all kinds of NATing and routing happen to fail and shut down as a result of hacking attacks, DDoS attacks or simply for no reason. In such situations, the first thing to do will be recovery and of course if the infrastructure is a ll virtualized, it will only be a matter of restoring the old Virtual Hard Disk files (VHD) and then booting up the OS again. It’s really fast and efficient really well suiting the requirement of an edge solution.

-Increasing Complexity for hackers: Who wouldn’t like to create a very complex environment for a hacker who gets terribly confused even if he gets the chance to penetrate in. As an administrator or a systems engineer you would also get lost if you are not familiar with the whole infrastructure that you are dealing with and just in case you do not have the documentation (Which is a must for every virtualized environment) you will be like Alice in wonderland.

-A Cost-effective solution for small businesses: Not all the businesses have big data centers with hundreds of servers installed in the racks. There are businesses with only one or two servers and of course a number of applications. For such businesses, installing an edge application like ISA Server or Forefront TMG 2010 on a separate server is a huge cost since servers are not that cheap to afford. By taking TMG and of course other applications all virtual on one or two servers, there will be a great save in costs.

For the time being, I just wanted to clarify things over all the questions of WHY??? In the next parts I will more discuss different scenarios in detail. In our exercises we are going to make use of Forefornt TMG 2010 as the edge application running on Hyper-v in a Guest VM.

You want to learn more? Check out my new book below and have access to great and practical tutorials and step-by-step guides all in one book: 

To get more information about the book click on the book below:

1

Cheers

2 thoughts on “Deploying the network edge on a virtual environment – Part 1

  1. It seems to be a very usefulll article. I will take a look on the next parties ritght now. For now, I completelly agree with the the “cost-effective” why.

Leave a Reply

Your email address will not be published. Required fields are marked *