8

Before the virtualization era, it was recommended to have several network card on a physical server :

  • 1 for production dedicated network (only application's stream like http, SQL*NET, ...)
  • 1 for administration network (ssh, monitoring, ...)
  • 1 for backup network (netbackup, ...)

These recommendations had security and ops advantages: network port for administration or backup purpose are not available on production facing network, dedicated bandwidth for backup that doesn't impact production bandwidth, ...

With virtualized servers and network are multiple network card/interface still recommended ?

Improve this question
3
  • Which multiple interfaces do you mean? Physical cards on the host or virtual interfaces on the guest? Commented Oct 31, 2012 at 23:15
  • Virtual interfaces on the guest. Commented Nov 1, 2012 at 10:38
  • Probably not then Commented Nov 14, 2012 at 3:22

1 Answer 1

Reset to default
10

It depends on your security goals. Separate interfaces have been used not only for the advantages you stated, but also to keep the dedicated networks, storage and backup networks, and the administration networks logically segregated. Just because an infrastructure is virtualized doesn't mean that the need for network segregation goes away.

If you lump all these networks together into one you are no longer able to enforce specific security rules for each, so if you have a security requirement to keep these networks separate before virtualization then you need to keep them separated after virtualization.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.