Is it possible to isolate client Hyper-V without requiring multiple NICs on the host?

We are considering deploying Windows 8.1 (or Windows 10) client Hyper-V to about 50 users and manage them via Hyper-V Manager from a 2012 R2 server or IT workstation running Windows 10 with Hyper-V Manager from the RSAT tools.

The plan is for the users to have a semi-locked down physical workstation they will use for Office, Internet access, email, IM and other apps that work fine with a limited user account.  

The users that are developers will have a Hyper-V VM running a Windows clients that they will have full admin access to run developer and debugging tools, do snapshots etc. and it will need to have access to a development network and restricted access only for a whitelist of IP ranges and domains so that  Internet restrictions cannot be bypassed by using VPNs or proxies.

Is it possible for the Hyper-V client machine to have network access to a separate and isolated network without the host having to have two NICs connected to two different wall ports?

We need to keep the VM isolated on its own network and away from the regular office and production network. If the VM became infected with malware, we don't want it to be physically possible for malware to to spread between the host and the VM or between the host network and the VM's network.

If there are two NICs, it would be pretty easy for the user to bypass security by simply swapping the cables.



  • Edited by MyGposts 2 hours 37 minutes ago
July 11th, 2015 12:45am

Consider VLANs. This will require switches that allow for VLAN infrastructure.

M.

IMHO:

1. The more complicated infrastructure, the harder the troubleshooting in case of problems.

2. For power worker two physical computer pays off.

3. Consider RDS

Free Windows Admin Tool Kit Click here and download it now
July 11th, 2015 3:14am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics