Secure networks

Demilitarized zone (DMZ) network is a secure network between an external and internal network. DMZ is a subnet that enhances the security of the internal networks. It provides access to the external network with an extra layer of security to the internal networks.

The DMZ networks are configured to be physically separate from the other networks. Single or dual firewalls can be used to set up the DMZ networks.

Secure network configuration

HPE Virtual Connect for c-Class BladeSystem and HPE Synergy do not have any specific configurations dedicated to DMZ configurations. Depending on the security requirements for a DMZ network separation, you could set up the required networks by defining the Ethernet networks, RoCE networks, network sets and their assignment to uplink sets, server profile templates, and server profiles. If air gap security is required, dedicated HPE Virtual Connect Ethernet modules and associated server network adapters must be configured.

Network access and privileges are controlled through scopes. The high-level administrators can define the resources and allocate only the designated compute and server profile templates with Read only and use rights to the server administrators. This access control restricts the range of operations or actions.