Network Security

UAnton · November 27, 2016, 1:56pm

Hello.

We have question about network security issue.
Our current environment is OpenNebula over VmWare ESX6.
How we can harden user from change IP address inside their VM?
For example, if we have several users inside same group - users can change IP and call IP conflict with other user VM.

In our previous environment (OpenNebula over KVM) we use OpenvSwitch, which reject traffic with incorrect source/destination.

Could we somehow configure same behaviour?

P.S. Sorry for my English, it is not my native.

mcabrerizo · November 29, 2016, 7:17am

Hi Anton!
I’m afraid that there’s no current OpenNebula’s feature that can be used for that issue and I can’t think on what could be used in ESX to achieve that goal. However, if you are thinking on an specific feature of vCenter that enforces that IP check, you can open a feature ticket at http://dev.opennebula.org explaining how would you do that in vCenter so it can be checked if it could be ported to OpenNebula.

Cheers!

Topic		Replies	Views
OpenvSwitch (IP Hijacking): restriction by virtual network Community Support	4	1928	April 2, 2015
Virtual Networking Community Support	4	790	September 4, 2016
Best way to structure network Community Support	3	1782	February 1, 2017
Mask IP address on import Network	0	2013	February 4, 2023
How to block Virtual Machine IP? Community Support	0	393	October 13, 2016

Network Security

Related topics