Show simple record

dc.contributor.authorSingh, Shiv Raj
dc.description.abstractRESEARCH QUESTION: Is it secure to implement DMZ in a virtual network infrastructure? Sub-questions:  How can virtualized DMZs be implemented?  Which is the most secure type of virtual DMZ?  Which DMZ design is appropriate for a specific business requirement?  What impact will virtual DMZs have on information security in contrast to traditional DMZs?  What is to be avoided while deploying VMs in a DMZ? Virtualization is one of the most widely used technologies in modern day information technology datacentres. Companies like VMware, Citrix, Microsoft and Red Hat have invested a lot of money and expertise into making virtualization available to small and medium sized organizations with budget constraints. The technology is now very easy and physically flexible to deploy. Virtualization is so flexible that even traditional physical DMZs (demilitarized zones) can now be virtualized. Three different ways of deploying virtual DMZs are investigated in this research and the level of security provided by virtualized DMZs was compared to the level of security of traditional physical DMZs. Using VMware ESXi 4.1 as the hypervisor, a test bed was set up to determine which DMZ design was the most secure, whereas the DMZs represented a typical network of an organization. The test bed comprised domain controllers, an email server, DNS server, DHCP server, database server, application server and a web server, running as virtual machines within VMware ESXi 4.1; and these servers were split across a production and a DMZ environment. A quantitative research methodology approach was used to collect data with the help of vulnerability assessment tools to determine which virtual DMZ design was practical in regards to security in information technology. The results of the experiment indicate that each virtual DMZ design had an almost equal level of security and vulnerability. However, it was found that two virtual DMZ designs (design 2 and design 3), that leveraged less physical hardware resources were more secure than the traditional physical DMZ (deign 4). Level of security provided by the third virtual DMZ (design 1) was equally secure as the traditional physical DMZ. Further, an assessment of the above lead to the conclusion that various security elements; like firewalls and the inspection algorithms in the firewall, determine the level of security of a virtual DMZ. However, the requirement that virtual DMZs are more secure only where the configuration of these are considered to be made appropriately as in the physical set up of DMZsen_NZ
dc.rightsAll rights reserveden_NZ
dc.subjectvirtual DMZen_NZ
dc.subjectinformation securityen_NZ
dc.subjectquantitative researchen_NZ
dc.subjectvulnerability assessmenten_NZ
dc.titleVirtualization and information security : a virtualized DMZ design consideration using VMware ESXi 4.1en_NZ
dc.typeMasters Thesisen_NZ
dc.rights.holderAuthoren_NZ of Computingen_NZ Institute of Technologyen_NZ
dc.subject.marsden080303 Computer System Securityen_NZ
dc.identifier.bibliographicCitationSingh, S.R. (2012). Virtualization and information security: A virtualized DMZ design consideration using VMware ESXi 4.1. A thesis submitted in partial fulfilment of the requirements for the degree of Master of Computing, Unitec Institute of Technology, New Zealand.
dc.contributor.affiliationUnitec Institute of Technologyen_NZ
unitec.advisor.principalSathu, Hira
unitec.advisor.associatedShukla, Ranjana

Files in this item


This item appears in

Show simple record

 Unitec Institute of Technology, Private Bag 92025, Victoria Street West, Auckland 1142