> > Given that potentially sensitive information is flowing between the two > VMs, we want to prevent the host from being able to sniff on the traffic > between the two VMs. Is that possible in any way? If so, how can we > prevent the host to see traffic of the internal network? So why not have ipsec traffic between both? I think this is the only thing you can do against sniffing from the host. Although I don't really get if you can ever secure guests against their hosts.
