Appendix B: Security : DMZ Considerations
   
DMZ Considerations
In general, standard firewall design guidelines should be followed in a vCloud environment. However, there are some areas that require special consideration. A number of vCloud Director operations involve sessions that remain open to management infrastructure, which is protected by the back-end firewall, for a long period of time.
*Idle session timeouts – Depending on the level of activity within the vCloud environment, some connections, such as the sessions to vSphere hosts to retrieve thumbnails via the vslad agent and to vCenter Server for inventory, might require adjustment to default TCP timeout policies. This is also a consideration for ONS connections required for Fast Connection Failover support in Oracle RAC environments.
*Dead Connection Detection or equivalent – Many firewalls support functionality to allow idle but still valid connections to persist. This modifies the idle timeout behavior by probing endpoints of the connection and verifying that the session is not terminated.
*Logging – Firewall logs should be collected by a centralized syslog server.
*SMTP filtering – Many firewalls filter email connections, restricting ESMTP commands. In some cases this feature may need to be disabled to permit vCloud Director to send mail notifications.
*Bandwidth – Some vCloud operations require either high throughput or low latency (examples of this are NFS transfer access and database access). Therefore, the firewall must be correctly specified so that it does not become a performance bottleneck.
*Availability – Deploy firewalls and load balancers in highly available pairs where possible.
*Secure Administrative Access – Tightly control access to the management networks using strong authentication, logging, and encryption.
*Scalability – vCloud environments are typically architected to scale and support a large number of workloads and users. Firewalls should scale along with the vCloud to help avoid future downtime.
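
The idle session timeout and logging items above can be combined: once firewall logs reach the central syslog server, they show which long-lived management flows the firewall is closing for inactivity, and therefore which rules need a longer TCP timeout or Dead Connection Detection. The following is an added example, not part of the original appendix; the key=value log format, field names, addresses, and ports are constructed for illustration and must be adapted to the teardown messages your firewall actually emits.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical key=value firewall log format.
SAMPLE_LOG = """\
2024-05-01T02:10:00Z fw1 action=teardown proto=tcp src=10.0.1.10 dst=10.0.9.5 dport=443 duration=3600 reason=idle-timeout
2024-05-01T02:11:30Z fw1 action=teardown proto=tcp src=10.0.1.10 dst=10.0.9.5 dport=443 duration=3600 reason=idle-timeout
2024-05-01T02:12:00Z fw1 action=teardown proto=tcp src=10.0.1.11 dst=10.0.9.20 dport=1521 duration=42 reason=tcp-fin
2024-05-01T03:12:05Z fw1 action=teardown proto=tcp src=10.0.1.11 dst=10.0.9.30 dport=6200 duration=3600 reason=idle-timeout
2024-05-01T03:15:00Z fw1 action=build proto=tcp src=10.0.1.10 dst=10.0.9.5 dport=443
2024-05-01T03:16:00Z fw1 action=teardown proto=tcp src=10.0.1.12 reason=idle-timeout
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def idle_teardowns(log_text):
    """Group idle-timeout teardowns by (src, dst, dport).

    Returns {flow: {"count": n, "max_duration": seconds}}.
    Lines that are not idle-timeout teardowns, or that lack fields, are skipped.
    """
    flows = defaultdict(lambda: {"count": 0, "max_duration": 0})
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if fields.get("action") != "teardown" or fields.get("reason") != "idle-timeout":
            continue
        try:
            flow = (fields["src"], fields["dst"], int(fields["dport"]))
            duration = int(fields["duration"])
        except (KeyError, ValueError):
            continue  # malformed or truncated log line
        flows[flow]["count"] += 1
        flows[flow]["max_duration"] = max(flows[flow]["max_duration"], duration)
    return dict(flows)


def timeout_candidates(log_text, min_count=1):
    """Flows closed by idle timeout at least min_count times, most frequent first."""
    hits = idle_teardowns(log_text)
    ranked = sorted(hits.items(), key=lambda kv: (-kv[1]["count"], kv[0]))
    return [flow for flow, stats in ranked if stats["count"] >= min_count]


if __name__ == "__main__":
    for src, dst, dport in timeout_candidates(SAMPLE_LOG):
        print(f"review idle timeout / DCD for {src} -> {dst}:{dport}")
```

Flows that appear repeatedly with a duration equal to the configured idle timeout are the ones to review first.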