Comprehensive data protection for all workloads
Post Reply
jlaco1
Influencer
Posts: 10
Liked: never
Joined: Aug 10, 2011 7:48 pm
Full Name: Jamey Lanzalaco
Contact:

Is a virtual lab truly isolated?

Post by jlaco1 » Aug 11, 2011 8:18 pm

I want to test out the virtual lab functionality but I would like to make sure of a couple things regarding the network aspect of it.

So, if I have a SQL Server vm that is running in production and I have a replica of it, if I create a virtual lab and spin up the replica of the prod SQL Server while the real one is still running on the same network, no conflicts happen? Is the replica totally isolated from the production network? Do machines on the production network talk through the Appliance NAT to get to the spun up replica on the masquerade network to test it? Thanks in advance for your help!

Gostev
SVP, Product Management
Posts: 24813
Liked: 3573 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Is a virtual lab truly isolated?

Post by Gostev » Aug 11, 2011 8:44 pm

Truly isolated. Virtual lab uses different virtual networks (not your production virtual networks), they are created as a part of virtual lab setup. So of course, VM running on one network cannot see anything that happens on another network. To give you physical world analogy, think two physically separate network in the same buildings (for example, belonging to different companies renting the offices in the same building). Of course, computers on these networks cannot "see" each other.

Virtual lab also provides what we call proxy appliance, which essentially acts as a router, and it routes requests sent to masquearade addresses onto the real address in the virtual lab network, and then it routes responses back to requestor in the production network. Only backup server itself can do it, because this, of course, requires updating router table on the actual server, and adding the corresponding route with proxy appliance IP as gateway for masquearade network (this happens automatically as a part of SureBackup job, so you don't have to think about that). While all other computers on your production network will not be able to reach computers in the virtual lab network, because their routing tables do not have the corresponding record, so Windows TCP/IP stack simply does not know how to handle traffic sent to those masquerade IP addresses.

Post Reply

Who is online

Users browsing this forum: Bing [Bot], jayscarff, PetrM and 28 guests