On Tue, Nov 23, 2010 at 01:38:04PM +0100, carlopmart wrote:
>Hi all,
>
> First of all, I don't want to start a flame. I will to know your
>opinion about using virtual firewalls in virtual infraestructures
>like vmware, kvm ,xen, etc ... like OpenBSD.
>
> Advantages are very clear for me: provisioning, administration
>tasks, etc ... But I will to know disadvantages. What is your opinion
>from the point of view of security?
Bypassing a virtual FW is so easy, just click in any hypervisor GUI,
moving machine, adding new iface etc... It's not so easy with real cabling.
You can have good privilegs in hypervisor GUI mgmnt but still - real
hw firewall is more separated...
What a pity OpenBSD doesn't run on Power{5,6,7} servers. I'd like to
put it in a lpar just for fun :)
jirib
