I am setting up an ESXi host to put in my DMZ, and then P2V my existing DMZ machines. I have the VMware docs on DMZ Virtualization, but my question is one I don't see covered.
In our case, we will be using a virtual Brocade load balancer to route traffic into/out of the DMZ. My networking guys will be configuring that with me. My question:
In my vCenter, would defining an entirely separate datacenter, containing just the DMZ ESXi host(s), provide me with any benefits? I don't think so, as the traffic separation provided by the load balancer (and the vSwitches it uses), and the VMs and the VLANs involved, is my line of defense and separation. That DMZ ESXi host's NICs go to a separate physical firewall; this is the device that actually routes the traffic.
So: I just add my DMZ ESXi host to my vCenter, but NOT to the datacenter I have defined for the production VMs.
Yes?