#VDI Tip 75: Use Private VLAN’s For Your Virtual Desktop Subnets

Use Private VLAN’s (PVLAN) with a secondary VLAN that is Isolated on a vNetwork Distributed Switch(vDS) to help prevent spread of malicious malware and viruses. This applies the your virtual desktops are on a different subnet than your connection servers and the rest of your data-center equipment. Desktops in the same Isolated PVLAN are not able to be seen by the others, except the selected ones in the promiscuous PVLAN. See no Evil, Hear no Evil?!?!?! Or is that the other way around 🙂

Make sure your physical switch supports Private VLAN’s.

The vDS comes is included with View Enterprise license.

Check out the following posts \videos to help you configure your vDS with Isolated mode.

Understanding vSphere Private VLANs For Fun and Profit

Configuration of Private VLAN (PVLAN) on vNetwork Distributed Switch

Private VLAN (PVLAN) on vNetwork Distributed Switch – Concept Overview

After attending BriForum I differently see the need for some security related posts. Physical PC’s and virtual desktops suffer from the same problem, they both have humans interacting with them. We (Humans) are crazy lot, we never do what you think we should and we are gullible when we see emails involving our co-workers wages. Despite having me or you in the driver seat I do think virtual desktops offer a better chance of preventing a possible breach. Sure if someone wants to get in and are properly motivated the will mostly likely succeed but why not make their life hard?


  1. Indeed, Private VLAN can be a great tool for VDI.

    Great post.

  2. If some one desires to be updated with newest technologies therefore he must be visit this web page and be up to date all
    the time.

Speak Your Mind