Comprehensive data protection for all workloads
Post Reply
Posts: 10
Liked: never
Joined: Aug 10, 2011 7:48 pm
Full Name: Jamey Lanzalaco

Is a virtual lab truly isolated?

Post by jlaco1 »

I want to test out the virtual lab functionality but I would like to make sure of a couple things regarding the network aspect of it.

So, if I have a SQL Server vm that is running in production and I have a replica of it, if I create a virtual lab and spin up the replica of the prod SQL Server while the real one is still running on the same network, no conflicts happen? Is the replica totally isolated from the production network? Do machines on the production network talk through the Appliance NAT to get to the spun up replica on the masquerade network to test it? Thanks in advance for your help!
Chief Product Officer
Posts: 31025
Liked: 6429 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland

Re: Is a virtual lab truly isolated?

Post by Gostev »

Truly isolated. Virtual lab uses different virtual networks (not your production virtual networks), they are created as a part of virtual lab setup. So of course, VM running on one network cannot see anything that happens on another network. To give you physical world analogy, think two physically separate network in the same buildings (for example, belonging to different companies renting the offices in the same building). Of course, computers on these networks cannot "see" each other.

Virtual lab also provides what we call proxy appliance, which essentially acts as a router, and it routes requests sent to masquearade addresses onto the real address in the virtual lab network, and then it routes responses back to requestor in the production network. Only backup server itself can do it, because this, of course, requires updating router table on the actual server, and adding the corresponding route with proxy appliance IP as gateway for masquearade network (this happens automatically as a part of SureBackup job, so you don't have to think about that). While all other computers on your production network will not be able to reach computers in the virtual lab network, because their routing tables do not have the corresponding record, so Windows TCP/IP stack simply does not know how to handle traffic sent to those masquerade IP addresses.
Post Reply

Who is online

Users browsing this forum: chrisflyckelen, Gostev, Semrush [Bot] and 37 guests