4

I have the need to isolate a virtual machine created with Virtualbox from the local network but I need to provide internet access to that machine. It is the first time that I face this kind of problem, different solutions came up in my mind:

  1. create a VLAN
  2. use a DMZ
  3. use a firewall in the host machine filtering communication in the virtual NIC

I would like to know what do you think about these solutions, which in your opinion is the best and why.

Federico
  • 183
  • 2
  • 9
  • Note that the "standard" VB network model is NAT, that is your guest can browse the Internet, but has a private IP not visible in the cloud. – antonio Sep 23 '14 at 21:53

1 Answers1

2

VLANing it is the best bet as it keeps it protected behind your firewall, but isolates it from the network.

The DMZ is next since it puts it in the open, but completely separate from your network (note that this isn't the same as simply using a DMZ ip address on a consumer router that simply allows a particular IP to be connected to, but doesn't isolate it from the internal network.

The third option strikes me as particularly difficult to implement and risky as a missed rule would allow access and the information is still traveling across the internal network.

AJ Henderson
  • 41,816
  • 5
  • 63
  • 110