FiNaR wrote:each VM has internet access, but only VM3 will be accessible via internet
FiNaR wrote:By "not accessible via Internet", I meant that I should not be able to access them with Remote Desktop... but yes, they would need Internet Access,
OK, so each guest would be connected through NAT or "NAT network". They are slightly different setups.
If you want the guests to talk to each other as well as the internet, use "NAT network". NAT network (manual section 6.4) is like a house router, with a WAN port that connects to your physical PC's network, and a set of LAN ports, one for each guest you desire to connect to the network. Each guest will get an IP address from the NAT network's DHCP server, or you can turn that off and use static IPs in the NAT network IP range. See the main Virtualbox window, File menu, Preferences, Network. Connect guest network cards using the NAT network's name. You can open ports to any desired guest through the NAT network. Internet traffic coming to the host PC on those ports will divert into the desired guest OS.
If you want each guest independently accessing the internet but not able to talk to each other, use "NAT" on each guest. NAT is "NAT network"'s older cousin. NAT is also like a house router, but with only one LAN port, and it can communicate only with the one network card it is attached to in the guest, nothing else. You can access internet and port forward into the guest with NAT just like with NAT network. However, each guest cannot talk to the other guests unless you put another network card into the guests. Each guest will get the same IP address, 10.0.2.15, and Virtualbox will keep track of which is which when routing internet traffic.
Keep in mind that to the NAT or NAT-networked guests, the host and LAN are just more PCs on the internet, and the guest will be able to get to the host PC's services & shared folders, as well as other things on the host's LAN, via IP addresses. The host PC and the LAN can't get to the guests unless you open ports.
Keeping the Ubuntu host off the internet is done in the router. You might have to set a static IP in Ubuntu, in the IP range that the router handles, if the router cannot block internet by the Ubuntu PC's MAC address or network name.
FiNaR wrote:four physical HD attached to each image?
four raw-disk-access drives for
each guest? That sounds like a really well-provisioned host PC!
Ask in a different new post about doing raw disk access.
FiNaR wrote:having multiple HDs (physical) and multiple LAN cards (physical) does it make it "more secure"
More secure, no, not really. Raw disk access is just another way to have the guest store its data. It isn't more or less secure. More info can be had if you want, in the other post on raw disk.