We have a webserver that we need to be fully functional with things such as SQL server, Exchange, IIS etc. From a security point of view, I understand that these should be run separately, so with only one physical box, I assume that I would run these as separate VM’s on this box. I am totally new to VM’s, so what would you recommend the setup be on this box to achieve this? I have in mind something like the below;
Main system, probably a DC, not sure if IIS should be separate or not.
1 VM running Exchange
1 VM running SQL
I’m guessing that way only internal SQL requests from the IIS could be setup to be allowed? (I’ve only ever had the resources to run everything on the same box before now, and often recieve brute force attacks. Currently this is how our webserver is setup (DC, IIS, SQL, exchange all on same instance) but it needs to go “live” and I would like it more secure).
Am I understanding this correctly, or is there a better way to achieve this?