I'd like to think that I'm fairly tech savvy. I'm able to be brought up to speed on new topics fairly quickly. However, I am always in search for more knowledge and proper procedures!
I have been using Proxmox in by basement cluster for a few years now. I've never ran into any major issues. I love Proxmox. However, I do have some confusions on the best practices when using Proxmox in a Data Center. Currently in my basement, I have a Cable Modem > Netgear Router > Managed Switch > 2 Proxmox Servers. I've never really worried about security since the Proxmox Servers have always been behind the Netgear Router's firewall. The only port forwarding I enabled was 80 and 443 to a Container on one of the Proxmox servers. It acted as a reverse proxy gateway to handle the internet traffic based on the domain name. On the servers, I had multiple Ruby on Rails containers, Web server containers and MySQL Server containers. Everything works flawlessly.
My confusion is if I were to buy a couple of rack servers and want to put these in a local data center, how would I maintain the security? What is the best practice?
Should I purchase a hardware firewall that will be in between the network at the data center and the servers I'm racking?
Would this firewall contain all of the Public IP Addresses and I would port forward them as needed?
Outside of using a DHCP server, what is the best practice for having local IP addresses for the containers?
I think that I'm just making it more complicated than it needs to be.
I have been using Proxmox in by basement cluster for a few years now. I've never ran into any major issues. I love Proxmox. However, I do have some confusions on the best practices when using Proxmox in a Data Center. Currently in my basement, I have a Cable Modem > Netgear Router > Managed Switch > 2 Proxmox Servers. I've never really worried about security since the Proxmox Servers have always been behind the Netgear Router's firewall. The only port forwarding I enabled was 80 and 443 to a Container on one of the Proxmox servers. It acted as a reverse proxy gateway to handle the internet traffic based on the domain name. On the servers, I had multiple Ruby on Rails containers, Web server containers and MySQL Server containers. Everything works flawlessly.
My confusion is if I were to buy a couple of rack servers and want to put these in a local data center, how would I maintain the security? What is the best practice?
Should I purchase a hardware firewall that will be in between the network at the data center and the servers I'm racking?
Would this firewall contain all of the Public IP Addresses and I would port forward them as needed?
Outside of using a DHCP server, what is the best practice for having local IP addresses for the containers?
I think that I'm just making it more complicated than it needs to be.