DMZ Considerations
In general, standard firewall design guidelines should be followed in a vCloud environment. However, some areas require special consideration. A number of vCloud Director operations involve sessions to the management infrastructure, which sits behind the back-end firewall, that remain open for a long period of time.
Idle session timeouts – Depending on the level of activity within the vCloud environment, some connections, such as the sessions to vSphere hosts to retrieve thumbnails via the vslad agent and to vCenter Server for inventory, might require adjustment to the default TCP idle timeout policies. This is also a consideration for the ONS connections required for Fast Connection Failover support in Oracle RAC environments.
Dead Connection Detection or equivalent – Many firewalls support functionality that allows idle but still valid connections to persist. This modifies the idle timeout behavior by probing the endpoints of the connection and verifying that the session has not been terminated.
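An added illustration, not from this guide or from vCloud Director, of the endpoint-side complement to the two points above: choosing TCP keepalive parameters so that a long-lived management session never sits silent longer than the back-end firewall's idle timeout, and so that a dead peer is noticed before the firewall discards the flow state. The 900-second timeout and the loopback connection are constructed stand-ins, and the socket option names are the Linux ones.

```python
"""Plan TCP keepalive settings around a firewall's idle-session timeout.
Assumption (constructed, not from the guide): the back-end firewall drops idle
TCP flows after FIREWALL_IDLE_TIMEOUT seconds and has no dead-connection
detection, so the endpoint itself must keep the flow visibly alive."""
import socket

FIREWALL_IDLE_TIMEOUT = 900  # constructed: a 15-minute idle policy


def keepalive_plan(idle_timeout: int, probes: int = 3, margin: float = 0.5) -> dict:
    """Return keepalive parameters (seconds) for a flow crossing the firewall.

    idle  - silence before the first probe; half the firewall timeout, so a
            healthy peer's ACK resets the firewall's idle timer in time.
    intvl - gap between retransmitted probes while the peer stays silent.
    cnt   - unanswered probes before the kernel declares the peer dead.
    idle + cnt * intvl stays inside the firewall timeout, so a dead peer is
    detected before the firewall discards the flow state.
    """
    if idle_timeout < 10:
        raise ValueError("firewall idle timeout too short to plan around")
    idle = max(1, int(idle_timeout * margin))
    intvl = max(1, (idle_timeout - idle) // (probes + 1))
    return {"idle": idle, "intvl": intvl, "cnt": probes}


def apply_keepalive(sock: socket.socket, plan: dict) -> dict:
    """Enable keepalive on a connected TCP socket and read the values back
    from the kernel so the caller can verify what was actually applied."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    applied = {"keepalive": sock.getsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE)}
    # Linux option names; skipped where the platform does not define them.
    for key, optname in (("idle", "TCP_KEEPIDLE"), ("intvl", "TCP_KEEPINTVL"),
                         ("cnt", "TCP_KEEPCNT")):
        opt = getattr(socket, optname, None)
        if opt is not None:
            sock.setsockopt(socket.IPPROTO_TCP, opt, plan[key])
            applied[key] = sock.getsockopt(socket.IPPROTO_TCP, opt)
    return applied


def demo(idle_timeout: int = FIREWALL_IDLE_TIMEOUT) -> dict:
    """Open a loopback TCP connection as a stand-in for a long-lived vCenter
    inventory or ONS session and apply the plan to the client side."""
    plan = keepalive_plan(idle_timeout)
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        with socket.create_connection(listener.getsockname()) as client:
            return apply_keepalive(client, plan)
```

Where the firewall does offer Dead Connection Detection, the probe interval it uses must likewise be shorter than its own idle timeout; the same arithmetic applies.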
Logging – Firewall logs should be collected by a centralized syslog server.
SMTP filtering – Many firewalls filter email connections, restricting ESMTP commands. In some cases this feature may need to be disabled to permit vCloud Director to send mail notifications.
Bandwidth – Some vCloud operations require either high throughput or low latency (examples of this are NFS transfer access and database access). Therefore, the firewall must be correctly specified so that it does not become a performance bottleneck.
Availability – Deploy firewalls and load balancers in highly available pairs where possible.
Secure Administrative Access – Tightly control access to the management networks using strong authentication, logging, and encryption.
Scalability – vCloud environments are typically architected to scale and support a large number of workloads and users. Firewalls should scale along with the vCloud to help avoid future downtime.