While there are many ways to configure your virtualization host to connect to DMZ networks, there are some best practices that you should follow to help improve security and minimize the risks that could arise in connecting a host to a hostile network.

• Limit the number of people that can modify VM networks: While you can trust your hypervisor to provide a secure environment for your VMs, you shouldn’t necessarily trust your users and admins to do the right things. A hypervisor will do what it’s told to do, and configuration changes can potentially expose your VMs to hostile conditions. With physical servers, you have to physically unplug a cable from one switch and plug it into another to move it to another network. A VM, on the other hand, can easily be moved from an internal network to a DMZ network with a click of a but