3.1.1 No Network Connection

Some highly confidential applications cannot tolerate the possibility of any remote connection or exploit. Machines that require this level of security are usually kept in access-restricted rooms and are often built without network cards. This type of configuration is a recommended best practice for credential-originating systems such as a root certificate authority, where the compromise of the root keys would put all certificates and applications that were signed by that authority at risk.

Although some of Oracle VM's features, such as High Availability and Master Failover, are not available without a network, peer Oracle VM Servers and shared storage, the product can be configured for single-node service, where VMs provide these secure applications and are accessed through a local text console, host networking and/or a shared disk.

If host-based network security and traffic restriction are needed between virtual machines on the same host, the ebtables application can provide Ethernet frame filtering across the Linux-based bridges.

Guidelines for the no network connection model:

  • Restrict physical access to the machines.

  • Restrict login access to trusted administrators.

  • Inspect removable media before connection and after disconnection, or ban them entirely from the secure area.

  • Securely wipe or destroy replaced hard drives. Make sure that replacement hard drives are inspected or even wiped prior to installation.

  • Implement ebtables rules if host-based network traffic control is needed between guests.
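
One way to express the ebtables guideline above, as an added example that is not part of the original guide: a shell function that prints a default-drop FORWARD rule set in which only the listed pairs of guest ports may exchange frames. The bridge name xenbr0 and the port names vif1.0 and vif2.0 are assumptions; substitute the names used on your server.

```shell
#!/bin/sh
# Added example (not from the guide): print ebtables commands that let only
# the listed guest port pairs exchange frames on one bridge; all else drops.
# Assumed names: bridge "xenbr0" and guest ports "vif1.0", "vif2.0".

# valid_if NAME -> 0 if NAME is a plausible interface name (max 15 chars).
# Strict validation matters because the output is meant to be run as root.
valid_if() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# gen_rules BRIDGE PORT_A,PORT_B [PORT_A,PORT_B ...]
# Prints commands only; returns 1 (and prints no rules) on bad input.
gen_rules() {
    bridge=$1
    shift
    valid_if "$bridge" || { echo "bad bridge: $bridge" >&2; return 1; }
    for pair in "$@"; do
        a=${pair%%,*}
        b=${pair#*,}
        if [ "$a" = "$pair" ] || ! valid_if "$a" || ! valid_if "$b"; then
            echo "bad pair: $pair" >&2
            return 1
        fi
    done
    # The FORWARD policy is chain-wide: it covers every bridge on the host.
    echo "ebtables -F FORWARD"
    echo "ebtables -P FORWARD DROP"
    for pair in "$@"; do
        a=${pair%%,*}
        b=${pair#*,}
        # FORWARD is evaluated per egress port, so -i/-o also confines
        # broadcasts such as ARP requests to the permitted peer.
        echo "ebtables -A FORWARD --logical-in $bridge -i $a -o $b -j ACCEPT"
        echo "ebtables -A FORWARD --logical-in $bridge -i $b -o $a -j ACCEPT"
    done
    # Log whatever falls through before the DROP policy applies.
    echo "ebtables -A FORWARD --log-level info --log-prefix guest-drop -j CONTINUE"
}

# Review the printed commands, then pipe them to sh on the server to apply.
gen_rules xenbr0 vif1.0,vif2.0
```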