You can virtualize your firewall. i have seen some whitepapers on
this., but it really does mean you need a solid server and some very
carefully constructed networking.

I prefer vmware on this, because you cna chain off physical ports to
seperate virtual machines so they cannot share ports. so firewall has
phys port A and B, and the resto of your vms share C and D. B hooks to
the same network as C and D but A is the outside.

I have not seen this in any other virtual platform.

On Mon, Apr 27, 2009 at 1:56 PM, Alex Dean <alex@crackpot.org> wrote:
>
> On Apr 27, 2009, at 1:24 PM, Eric Shubert wrote:
>
>> Mark,
>>
>> I have a couple old e-machines that I made into IPCop firewall/routers,
>> and have been decommissioned for a while (they were virtualized).
>
> Do you mean you virtualized your firewall?  Doesn't that create a risk that
> other VMs on the same hardware host might be exposed to nasty stuff which
> arrives at the firewall?  I'm recalling Austin's talk on VMs & security from
> a year or two ago.
>
> If I've misunderstood your statement, please disregard.
>
> alex
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss