Up to now, we had a physically segmented network with internal and external different vtp domains/zones. Internal zone switches have a VLAN set, and external zone switches have a different VLAN set. VLANs are not propagated between different zones for security reasons, are isolated.
Currently, we just have started working with UCS+VMWARE, and we are facing some troubles. According to the previous model, if we virtualize servers within the internal zone in the UCS farm, we cannot virtualize servers within the external zone in the same UCS farm, since I would have to propagate external VLANs to the internal zone switches as well as to the UCS farm, mixing them. As a result of this, isolation would be lost.
I am trying to redesign all my core network, to adapt current infraestructure to the new one with UCS+VMWARE, without missing any point of security.
My major point, is to know whether it is posible to virtualize external and internal zone virtual machines in the same UCS farm, without compromising my network security.
Could you give me some advice or design guidelines?
Regards,
