secure web access with a vmware virtual machine and a two-router de-militarized...
TRANSCRIPT
![Page 1: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/1.jpg)
1
SECURE WEB ACCESS
WITH A "VMWARE" VIRTUAL
MACHINE
AND A TWO-ROUTER
"DE-MILITARIZED ZONE" ("DMZ")
![Page 2: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/2.jpg)
2
Web location for this
presentation:
http://aztcs.orgClick on
“Meeting Notes”
![Page 3: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/3.jpg)
3
SUMMARY
From inside a "VMware" virtual
machine that connects with a
USB-to-Gigabit Ethernet
adapter to a two-router "De-
Militarized Zone" (DMZ), you
can access the Internet with the
maximum amount of protection
from malware.
![Page 4: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/4.jpg)
4
Demo: This presentation is
being made from within a
"Windows 7.." virtual machine
that is connected by means of
a USB-to-Gigabit Ethernet
Adapter to a Two-Router De-
Militarized Zone (DMZ).
![Page 5: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/5.jpg)
5
The "Windows 7.." virtual
machine is a single window
inside my "Windows 8.." host
computer:
![Page 6: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/6.jpg)
6
![Page 7: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/7.jpg)
7
Open up the "Network and
Sharing Center" inside the
"Windows 7.." virtual machine:
![Page 8: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/8.jpg)
8
![Page 9: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/9.jpg)
9
Click on "Change adapter
settings":
![Page 10: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/10.jpg)
10
![Page 11: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/11.jpg)
11
A "Network Connections"
windows will be displayed:
![Page 12: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/12.jpg)
12
![Page 13: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/13.jpg)
13
Note that the regular virtual
network adapter has been
disabled:
![Page 14: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/14.jpg)
14
![Page 15: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/15.jpg)
15
Use the RIGHT mouse button
to click on the "USB-to-Gigabit
Ethernet" adapter:
![Page 16: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/16.jpg)
16
![Page 17: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/17.jpg)
17
Click on "Properties" in the
pop-up context menu:
![Page 18: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/18.jpg)
18
![Page 19: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/19.jpg)
19
A "Properties" box will be
displayed for the USB-to-
Gigabit Ethernet adapter:
![Page 20: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/20.jpg)
20
![Page 21: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/21.jpg)
21
![Page 22: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/22.jpg)
22
Explanation of the Demo:
The virtual machine connects by
means to a USB-to-Gigabit
Ethernet Adapter to a Two-Router
DMZ for secure Internet access.
This configuration blocks the
access of malware to the other
computers in my local network.
![Page 23: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/23.jpg)
23
Two Problems With Accessing the Internet
From a Typical "Windows.." Computer
• Problem 1: When you add a real
or virtual "Windows.." computer to
an existing local area network,
"Windows.." automatically defaults
to file sharing. File sharing provides
an "attack vector" for any malware
that finds its way into your
computer when you are accessing
the Internet.
![Page 24: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/24.jpg)
24
Two Problems With Accessing the
Internet.. (continued)
• Problem 2: Even when you
proactively turn off file sharing in
various configuration screens in
"Windows..", it is easy for the
unsuspecting end-user or
malware from the Internet to turn
it back on.
![Page 25: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/25.jpg)
25
Physical configuration
diagram for an
unsecure, default
virtual machine:
![Page 26: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/26.jpg)
Internet
"VMware Player" Software Program
"Windows 10"
Virtual Machine
Cat
5/5e/6/6a
Cable
Real Host Computer Runs "Windows 8.1" Real
Ethernet
Adapter
of the
Host
Computer
Router 2WAN side LAN side
Virtual Router
Broadband
Modem
Virtual
Ethernet
Adapter
VMNet8
for host
Cat
5/5e/6/6a
Cable
Virtual
Ethernet
Adapter
of the
Virtual
Machine
![Page 27: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/27.jpg)
27
Logical configuration
diagram for an
insecure, default
virtual machine:
![Page 28: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/28.jpg)
"Windows 10"
Virtual Machine
Cat
5/5e/6/
6a
Cable
Real
Host
Computer
Runs
"Windows 8.1"
Router 2WAN side LAN side
Virtual Router
Virtual Ethernet
Adapter
VMNet8 for the
host computer
Real
Ethernet
Adapter
of the
Host
Computer
Virtual
Ethernet
Adapter
of the
Virtual
Machine
Broadband
Modem
Internet
Cat 5/5e/6/6a Cable
![Page 29: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/29.jpg)
29
Simplified, logical
configuration diagram
for an unsecure,
default virtual
machine:
![Page 30: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/30.jpg)
"Windows 10"
Virtual Machine
Real
Host
Computer
Runs
"Windows 8.1"
Router 2WAN side LAN side
Virtual Router
Virtual
Ethernet
Adapter
of the
Virtual
Machine
Broadband
Modem
Internet
Virtual
Ethernet
Adapter
VMNet8 for
the host
computer
Real
Ethernet
Adapter
of the
Host
Computer
![Page 31: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/31.jpg)
31
Further, simplified,
logical configuration
diagram for an
unsecure, default
virtual machine:
![Page 32: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/32.jpg)
"Windows 10" Virtual Machine
Real
Host
Computer
Runs
"Windows 8.1"
Router 2WAN side LAN side
Virtual Router
Virtual
Ethernet
Adapter
of the
Virtual
Machine
Broadband
Modem
Internet
Virtual
Ethernet
Adapter
VMNet8 for
the host
computer
![Page 33: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/33.jpg)
33
"De-Militarized Zone"
(= "DMZ")
Using A Second
Router Interjected Into
An Existing Local
Network":
![Page 34: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/34.jpg)
34
To make the network more secure:
Insert a second "Secure" router
between the current router and the
host computer.
Insert a "USB to .." network
adapter between the virtual
machine and the original router.
Disconnect the virtual Ethernet
adapter of the virtual machine:
![Page 35: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/35.jpg)
35
![Page 37: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/37.jpg)
37
Physical configuration
diagram for the
"Secure Web" virtual
machine:
![Page 38: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/38.jpg)
Internet
"VMware Player" Software Program
"Windows 10" Virtual Machine
Real
USB to
Gigabit
Ethernet
AdapterUSB
Cable
Cat 5/5e/6
Cable
Cat 5/5e/6
Cable
Real Host ComputerReal
Ethernet
Adapter
of the
Host
Computer
which
runs
"Windows
8.1
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ
Virtual
USB Port
of the
Virtual
Machine
Secure
Local
Network
Broadband
Modem
![Page 39: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/39.jpg)
39
Logical configuration
diagram for the
"Secure Web" virtual
machine:
![Page 40: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/40.jpg)
Internet
"Windows 10" Virtual Machine
Real
USB to
Gigabit
Ethernet
Adapter
USB
Cable
Cat 5/5e/6/6A Cable
Cat
5/5e/6/6a
Cable
Real Host
Computer Runs
"Windows 8.1"
Real
Ethernet
Adapter
of Host
Computer
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ
Virtual
USB Port
of the
Virtual
Machine
Secure
Local
Network
Broadband
Modem
![Page 41: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/41.jpg)
The virtual "NAT Router
that is provided by "VMware
Player" is not in use:
![Page 42: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/42.jpg)
42
Simplified, logical
configuration diagram
for the "Secure Web"
virtual machine:
![Page 43: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/43.jpg)
Internet
"Windows 10" Virtual Machine
USB
Cable
Cat 5/5e/6/6A Cable
Cat
5/5e/6/6a
Cable
"Windows 7"
Host Computer
Real
Ethernet
Adapter
of Host
Computer
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ
Virtual
USB Port of
"Windows
10" Virtual
Machine
Secure
Local
Network
Broadband
Modem
![Page 44: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/44.jpg)
44
A Four-Part Solution for Secure Web
Access
• Solution Part 1: Disconnect the
default virtual Ethernet network
adapter of the virtual machine.
• Solution Part 2: Provide the virtual
machine with a USB-to-Gigabyte
Ethernet adapter.
![Page 45: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/45.jpg)
45
A Four-Part Solution for Secure Web
Access (continued)
• Solution Part 3: Add an extra router
to your local network in order to
create a two-router "De-Militarized
Zone" (DMZ).
![Page 46: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/46.jpg)
46
A Four-Part Solution for Secure Web
Access (continued)
• Solution Part 4: Connect the virtual
machine to the two-router De-
Militarized Zone (DMZ), using the
USB-to-Gigabit Ethernet adapter
that you installed in "Solution Part
2".
![Page 47: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/47.jpg)
47
Solution Part 1: Disconnect the default
virtual Ethernet network adapter of the
virtual machine:
• Disconnect the default virtual
network adapter of the virtual
machine in order to prevent end-
users and malware from accessing
the various virtual routers that could
connect the virtual machine to other
computers on your local network:
![Page 48: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/48.jpg)
48
Solution Part 1, Step 101:
Start VMware Player:
![Page 49: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/49.jpg)
49
Solution Part 1, Step 102:
The "VMware Player" window will
be displayed:
![Page 50: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/50.jpg)
50
![Page 51: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/51.jpg)
51
Solution Part 1, Step 103:
The "VMware Player" window will
be displayed:
![Page 52: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/52.jpg)
52
![Page 53: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/53.jpg)
53
Solution Part 1, Step 104:
Click once on the virtual machine
that you wish to use:
![Page 54: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/54.jpg)
54
![Page 55: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/55.jpg)
55
Solution Part 1, Step 105:
Click once on "Edit virtual machine
settings":
![Page 56: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/56.jpg)
56
![Page 57: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/57.jpg)
57
Solution Part 1, Step 106:
Click once on "Network Adapter":
![Page 58: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/58.jpg)
58
![Page 59: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/59.jpg)
59
Solution Part 1, Step 107:
Select the "LAN Segment" option
button in the "Network Connection
section:
![Page 60: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/60.jpg)
60
![Page 61: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/61.jpg)
61
Solution Part 1, Step 108:
Click on the "LAN Segments.."
button:
![Page 62: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/62.jpg)
62
![Page 63: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/63.jpg)
63
Solution Part 1, Step 109:
A "Global LAN Segments" box will
be displayed:
![Page 64: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/64.jpg)
64
![Page 65: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/65.jpg)
65
Solution Part 1, Step 110:
Click on the "Add" button of the
"Global LAN Segments" box:
![Page 66: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/66.jpg)
66
![Page 67: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/67.jpg)
67
Solution Part 1, Step 111:
A new LAN Segment will be
displayed:
![Page 68: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/68.jpg)
68
![Page 69: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/69.jpg)
69
Solution Part 1, Step 112:
Click on the "Rename" button:
![Page 70: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/70.jpg)
70
![Page 71: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/71.jpg)
71
Solution Part 1, Step 113:
Provide the new LAN segment with
an appropriate name such as
"Virtual LAN segment for isolating
the "Windows 7 Enterprise Trial"
64-bit virtual machine created on
2013-02-04".
![Page 72: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/72.jpg)
72
![Page 73: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/73.jpg)
73
![Page 74: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/74.jpg)
74
Solution Part 1, Step 114:
Click on the "OK" button of the
"Global LAN Segments" box:
![Page 75: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/75.jpg)
75
![Page 76: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/76.jpg)
76
Solution Part 1, Step 115:
Click on the "OK" button of the
"Virtual Machine Settings" box:
![Page 77: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/77.jpg)
77
![Page 78: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/78.jpg)
78
Solution Part 2: Provide the virtual
machine with a USB-to Gigabit Ethernet
adapter
• Provide the virtual machine with
a USB-to-Gigabit Ethernet
adapter:
![Page 79: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/79.jpg)
79
Solution Part 2, Step 201: (For
your information, in "Solution Part 4", you will
perform two actions:
Action 1: Disconnect the Ethernet side of the
adapter from the router that the host computer is
connected to and connect it to a new router that
provides a "De-Militarized Zone" (DMZ) for
isolating the host computer and other computers
from harmful malware.
Action 2: You will be virtually disconnecting this
USB-to-Gigabit Adapter from the host computer
and then connecting it to a virtual machine that
will be used for secure Internet access.
![Page 80: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/80.jpg)
80
Solution Part 2, Step 201:
Follow the manufacturer's instructions
to install the USB-to-Gigabit Ethernet
adapter into your real, physical
computer. During this initial installation,
you will be using a Cat 5/5e/6 cable to
TEMPORARILY connect the network
jack of the USB-to-Gigabit Ethernet
adapter to an active LAN port on the
router that your host computer is
currently attached to:
![Page 81: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/81.jpg)
81
![Page 82: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/82.jpg)
82
Solution Part 3: Add an extra
router..(continued)
• Despite marketing claims by
router manufacturer's that that
you can have a DMZ inside a
single router by doing "port
forwarding" inside a single router,
you need TWO separate routers
in order to create a secure DMZ.
![Page 83: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/83.jpg)
83
Solution Part 3: Add an extra router to
your local network in order to create a
two-router "De-Militarized Zone" (DMZ)
• Despite marketing claims by
router manufacturer's that that
you can have a DMZ inside a
single router by doing "port
forwarding" inside a single router,
you need TWO separate routers
in order to create a secure DMZ.
![Page 84: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/84.jpg)
84
Solution Part 3: Add an extra
router..(continued)
• The basic configuration for a two-
router DMZ is as follows:
![Page 85: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/85.jpg)
85
![Page 86: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/86.jpg)
Internet
Broadband
Modem
Cat 5/5e/6
Cable
Real Host ComputerReal
Ethernet
Adapter
of Host
Computer
Router 2WAN side LAN side
Cat 5/5e/6 Cable
![Page 87: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/87.jpg)
87
Solution Part 3: Add an extra
router..(continued)
• After you add in the second
router, your network
configuration, which will now
have a DMZ, will be as follows:
![Page 88: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/88.jpg)
Internet
Broadband
Modem
Cat 5/5e/6
Cable
Real Host Computer
Real
Ethernet
Adapter
of Host
Computer
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ Secure
Local
Network
![Page 89: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/89.jpg)
89
Solution Part 3: Add an extra
router..(continued)
• Configure the two routers so that
they do not use the same private
IP addresses:
![Page 90: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/90.jpg)
Internet
Broadband
Modem
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ Secure
Local
Network
192.168.1.50
192.168.1.51
192.168.1.52
192.168.1.53
192.168.1.54
etc.
192.168.2.50
192.168.2.51
192.168.2.52
192.168.2.53
192.168.2.54
etc.
![Page 91: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/91.jpg)
91
Solution Part 4: Connect the virtual
machine to the two-router "De-Militarized
Zone" (DMZ)
• Connect the "VMware" virtual
machine to a two-router "De-
Militarized Zone" (DMZ), using
the USB-to-Gigabit Ethernet
adapter that you installed in
"Solution Part 2".
![Page 92: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/92.jpg)
92
Physical configuration
diagram for the
"Secure Web" virtual
machine:
![Page 93: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/93.jpg)
Internet
"VMware Player" Software Program
Broadband
Modem
"Windows 7" Virtual Machine
Real
USB to
Gigabit
Ethernet
AdapterUSB
Cable
Cat 5/5e/6
Cable
Cat 5/5e/6
Cable
Real Host ComputerReal
Ethernet
Adapter
of Host
Computer
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ
Virtual
USB Port of
"Windows
7" Virtual
Machine
Secure
Local
Network
![Page 94: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/94.jpg)
94
Logical configuration
diagram for the
"Secure Web" virtual
machine:
![Page 95: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/95.jpg)
Internet
Broadband
Modem
"Windows 7" Virtual Machine
Real
USB to
Gigabit
Ethernet
Adapter
USB
Cable
Cat 5/5e/6 Cable
Cat 5/5e/6
Cable
Real Host
Computer
Real
Ethernet
Adapter
of Host
Computer
Router 1WAN side LAN side
Router 2WAN side LAN side
DMZ
Virtual
USB Port of
"Windows
7" Virtual
Machine
Secure
Local
Network
![Page 96: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/96.jpg)
96
Solution Part 4, Step 401:
Use a Cat 5/5e/6 cable to connect
the USB-to-Gigabit Ethernet
adapter to a LAN jack on the router
that is part of the "De-Militarized
Zone" (DMZ)
![Page 97: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/97.jpg)
97
Solution Part 4, Step 402:
Start VMware Player:
![Page 98: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/98.jpg)
98
Solution Part 4, Step 403:
A "VMware Player" window will be
displayed:
![Page 99: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/99.jpg)
99
![Page 100: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/100.jpg)
100
Solution Part 4, Step 404:
Click once on the virtual machine
that you wish to use:
![Page 101: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/101.jpg)
101
![Page 102: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/102.jpg)
102
Solution Part 4, Step 405:
Click once on "Play virtual
machine":
![Page 103: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/103.jpg)
103
![Page 104: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/104.jpg)
104
Solution Part 4, Step 406:
If a "A USB device is about to be
unplugged.." message pops up,
click once on its "OK" button:
![Page 105: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/105.jpg)
105
![Page 106: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/106.jpg)
106
Solution Part 4, Step 407:
If a "Removable Devices"
message pops up, click once on
its "OK" button:
![Page 107: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/107.jpg)
107
![Page 108: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/108.jpg)
108
![Page 109: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/109.jpg)
109
![Page 110: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/110.jpg)
110
Solution Part 4, Step 408:
Click on the "Player" button:
![Page 111: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/111.jpg)
111
![Page 112: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/112.jpg)
112
Solution Part 4, Step 409:
Click on "Removable Devices":
![Page 113: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/113.jpg)
113
![Page 114: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/114.jpg)
114
Solution Part 4, Step 410:
Click on the USB-to-Gigabit
Adapter:
![Page 115: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/115.jpg)
115
![Page 116: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/116.jpg)
116
Solution Part 4, Step 411:
Click on
"Connect (Disconnect from host)"
![Page 117: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/117.jpg)
117
![Page 118: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/118.jpg)
118
Solution Part 4, Step 412:
Click on the "OK" button of the "A
USB device is about to be
unplugged.." warning:
![Page 119: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/119.jpg)
119
![Page 120: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/120.jpg)
120
Solution Part 4, Step 413:
Follow the manufacturer's
instructions for installing the USB-
to Gigabit Ethernet adapter into
the virtual machine.
![Page 121: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/121.jpg)
121
Solution Part 4, Step 414:
If you need to attach a CD to the
virtual machine: Click on "Player",
click on "Removable Devices", click
on "CD", click on "Settings", etc.
![Page 122: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/122.jpg)
122
![Page 123: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/123.jpg)
123
Solution Part 4, Step 415:
Double-click on "Network and
Sharing Center" in the "Control
Panel":
![Page 124: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/124.jpg)
124
![Page 125: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/125.jpg)
125
Solution Part 4, Step 416:
Click on "Change adapter settings":
![Page 126: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/126.jpg)
126
![Page 127: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/127.jpg)
127
Solution Part 4, Step 417:
Make sure that the default virtual
network adapter remains disabled
since you disabled it in "Solution
Part 1":
![Page 128: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/128.jpg)
128
![Page 129: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/129.jpg)
129
Solution Part 4, Step 418:
Use the RIGHT mouse button to
perform a click on the USB-to-
Gigabit Ethernet adapter:
![Page 130: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/130.jpg)
130
![Page 131: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/131.jpg)
131
Solution Part 4, Step 419:
Click on "Status" in the popup
context menu:
![Page 132: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/132.jpg)
132
![Page 133: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/133.jpg)
133
Solution Part 4, Step 420:
Check the Internet and local
network status of the "USB-to
Gigabyte Ethernet" adapter:
![Page 134: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/134.jpg)
134
![Page 135: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/135.jpg)
135
Solution Part 4, Step 421:
Close the "Local Area
Connection..Status" window by
clicking on the "x" button in its
upper-right corner:
![Page 136: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/136.jpg)
136
![Page 137: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/137.jpg)
137
Solution Part 4, Step 422:
Shut down the virtual machine.
![Page 138: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/138.jpg)
138
![Page 139: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/139.jpg)
139
![Page 140: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/140.jpg)
140
Solution Part 4, Step 423:
Close the "VMware Player"
windows by clicking on the "x"
button in its upper-right corner:
![Page 141: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/141.jpg)
141
![Page 142: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/142.jpg)
142
Solution Part 4, Step 424:
Look at the Taskbar bar of the host
computer and make sure that no
additional "VMware" virtual machines
and no additional copies of "VMware
Player" are turned on. If you find a
VMware Player "Task button",
double-click on it and turn off the
corresponding VMware virtual
machine or copy of "VMware Player".
![Page 143: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/143.jpg)
143
Solution Part 4, Step 425:
Start the "Control Panel":
![Page 144: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/144.jpg)
144
![Page 145: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/145.jpg)
145
Solution Part 4, Step 426:
Double-click on "Network and
Sharing Center":
![Page 146: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/146.jpg)
146
![Page 147: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/147.jpg)
147
Solution Part 4, Step 427:
Note that in this example, "Network and Sharing
Center" is showing the existence of three
networks:
"Network" is the original network that is
connected to the motherboard-based net.
"Network 4" is the USB-to-Gigabit Ethernet
adapter which is still connected to the DMZ. (We
need to disconnect "Network 4" ASAP for safety.)
"Unidentified network" is the 4 virtual networks
that are provided by the "VMware Player" virtual
machine program.
![Page 148: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/148.jpg)
148
![Page 149: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/149.jpg)
149
Solution Part 4, Step 428:
Click on "Change adapter settings":
![Page 150: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/150.jpg)
150
![Page 151: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/151.jpg)
151
Solution Part 4, Step 429:
A "Network Connections" window will
be displayed:
![Page 152: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/152.jpg)
152
![Page 153: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/153.jpg)
153
Solution Part 4, Step 430:
Use the RIGHT mouse button to click
on the "USB-to-Gigabit Ethernet"
adapter:
![Page 154: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/154.jpg)
154
![Page 155: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/155.jpg)
155
Solution Part 4, Step 431:
A popup context menu will be
displayed:
![Page 156: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/156.jpg)
156
![Page 157: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/157.jpg)
157
Solution Part 4, Step 432:
Click on "Disable" in the popup
context menu:
![Page 158: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/158.jpg)
158
![Page 159: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/159.jpg)
159
Solution Part 4, Step 433:
The USB-to-Gigabit Ethernet adapter
will now show a status of "Disabled":
![Page 160: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/160.jpg)
160
![Page 161: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/161.jpg)
161
Solution Part 4, Step 434:
Close the "Network Connections"
window by clicking on the "x" button
in its upper-right corner:
![Page 162: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/162.jpg)
162
![Page 163: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/163.jpg)
163
Solution Part 4, Step 435:
Close the "Control Panel" window by
clicking on the "x" button in its upper-
right corner:
![Page 164: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/164.jpg)
164
![Page 165: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/165.jpg)
165
This Scheme for Secure Web Access
Does Not Work Well With Other "Virtual
Machine Programs"
• While we have had great
success with virtual machines
running inside of "VMware
Player" and "VMware
Workstation", we have not had
no success with other "Virtual
Machine Programs":
![Page 166: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/166.jpg)
166
This Scheme for Secure Web Access
Does Not Work Well With Other "Virtual
Machine Programs" (continued)
• "Hyper-V" (which is bundled with
"Windows 8 Pro" and "Windows 8
Enterprise") has no direct support
for connecting USB devices to
virtual machines so it is not
possible to attach a virtual machine
in "Hyper-V" to an external USB-to-
Gigabit Adapter".
![Page 167: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/167.jpg)
167
This Scheme for Secure Web Access Does Not
Work Well With Other "Virtual Machine
Programs" (continued)
• "Windows Virtual PC" (which is
available for free in "Windows 7
Professional" and "Windows 7
Enterprise") has no direct support for
connecting USB devices to virtual
machines so it is not possible to attach
a virtual machine in "Windows Virtual
PC" to an external USB-to-Gigabit
Adapter".
![Page 168: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/168.jpg)
168
This Scheme for Secure Web Access Does Not
Work Well With Other "Virtual Machine
Programs" (continued)
• "Oracle VM VirtualBox" (which runs in
"Windows XP", "Windows Vista",
"Windows 7", "Windows 8", and Mac OS
X) has unreliable support for connecting
USB devices to virtual machines so we
have found it too much of a challenge to
attach a virtual machine in "Oracle VM
VirtualBox" to a USB-to-Gigabit Ethernet
adapter.
![Page 169: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/169.jpg)
169
USB-to-Ethernet Adapters
• StarTech's model
USB21000S works well
with "Windows 8"
computers, even through it
does not say so on the box.
It also worked well in our
Macs:
![Page 170: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/170.jpg)
170
![Page 171: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/171.jpg)
171
![Page 172: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/172.jpg)
172
USB-to-Ethernet Adapters
• SIIG's model JU-NE0111-
S1U works well with
"Windows 8" and Mac "OS
X"computers, even through
it does not say so on the
box:
![Page 173: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/173.jpg)
173
![Page 174: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/174.jpg)
174
USB-to-Ethernet Adapters
• Apple's model A1277 works well
with "Windows 7" and "Windows
8", even through it does not say
so on the box. See
http://store.apple.com/us/product/
MC704ZM/A/apple-usb-ethernet-
adaptor#overview-5:
![Page 175: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/175.jpg)
175
USB-to-Ethernet Adapters
• "Windows.." drivers for
Apple's model A1277 are
available at
http://tnkgrl.wordpress.com
/2008/02/10/windows-
drivers-for-apple-usb-
ethernet-adapter/
![Page 176: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/176.jpg)
176
![Page 177: SECURE WEB ACCESS WITH A VMWARE VIRTUAL MACHINE AND A TWO-ROUTER DE-MILITARIZED …aztcs.org/meeting_notes/winhardsig/secureWeb/secureWeb.pdf · 2019-06-10 · two-router "De-Militarized](https://reader033.vdocuments.us/reader033/viewer/2022042214/5eb925b58ded3870550eedab/html5/thumbnails/177.jpg)
177
REFERENCES AND ADDITIONAL
READING:
• http://www.grc.com/nat/nat.htm
• http://en.wikipedia.org/wiki/DMZ_(c
omputing)
• http://dfarq.homeip.net/2011/11/ho
w-to-make-a-dmz-with-two-routers/
• http://www.boutell.com/newfaq/crea
ting/dmz.html