Virtual Networking Support?

This is used for general discussion that is not necessarily server-related.
Post Reply
LaxSlash
New to forums
New to forums
Posts: 2
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Sat Dec 05, 2020 2:56 pm

Virtual Networking Support?

Post by LaxSlash »

Feature suggestion - what would the chances be of getting something like Azure Virtual Networking for NFOServers?

https://docs.microsoft.com/en-us/azure/ ... 20networks.

It'd be great for VPS management security, for example.....
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: Virtual Networking Support?

Post by Edge100x »

You could certainly create a VPN to connect your services here (or anywhere else), and optionally encrypt it. This is something that many customers do. In terms of security, it shouldn't be necessary unless you are transmitting sensitive data over the open internet and worried that a 3rd party might snoop your traffic.

For VDS management, I recommend using standard encrypted channels (such as RDP or SSH) and setting up the Firewall page to limit access to the IPs of known users.
LaxSlash
New to forums
New to forums
Posts: 2
Joined: Sat Dec 05, 2020 2:56 pm

Re: Virtual Networking Support?

Post by LaxSlash »

Edge100x wrote: Sun Dec 06, 2020 1:01 pm You could certainly create a VPN to connect your services here (or anywhere else), and optionally encrypt it. This is something that many customers do. In terms of security, it shouldn't be necessary unless you are transmitting sensitive data over the open internet and worried that a 3rd party might snoop your traffic.

For VDS management, I recommend using standard encrypted channels (such as RDP or SSH) and setting up the Firewall page to limit access to the IPs of known users.
These would require VPN clients on the servers themselves, though. The issue with doing that is that the servers must still have a direct connection to the internet, leaving a potential attack vector if the VPN Client itself were to ever have a vulnerability that got discovered.

This would allow either another virtual server to act as a gateway of sorts, or optionally, could also be built right into NFO in the same way that Microsoft does it. An alternative to that would be something like allowing a VDS to use "Internal Networking," where it can only network with other VD/PSs on your account, with no direct connection out to the internet. One VM could then be setup to run PfSense, used as a gateway/router/firewall to the internet for all of the other ones.
Post Reply