The only firewall virtualization I have seen is VSX, Crossbeam, and
Shasta, but I don't know of any host-based solution per-se. Is there some
issue I'm missing (since I have not tried this myself) installing some
centrally managed host-based FW/IPS on VM's?
On Sun, 18 Mar 2007, Paul D. Robertson wrote:
> On Sun, 18 Mar 2007, Robby Cauwerts wrote:
>
> > > Now we're starting to see a big push for hardware virtualization, is
> > > anyone seeing a move to per-virtual-system firewalling on the hosting OS?
> >
> >
> > This is already available for years on the firewall market.
> > Check Point VSX (If money is no problem), Cisco ASA with their security
> > contexts, ....
>
> Aren't these just a way of packaging rules on an appliance rather than
> providing access control on a hosting OS? While there's likely to be some
> immediate benefit from appliances if you do moving of guests around the
> same physical subnet, that's not going to scale to moving to alternate
> locations very well, where you're going to need the hosting OS anyway.
>
> Also, as we get to things like the newer Linux KVM, won't we start to see
> the ability to compratment based on the hosting system being part of the
> TCB?
>
> Paul
> -----------------------------------------------------------------------------
> Paul D. Robertson "My statements in this message are personal opinions
> paul@compuwar.net which may have no basis whatsoever in fact."
> http://www.fluiditgroup.com/blog/pdr/
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
>
--
Carric Dooley
COM2:Interactive Media USA
http://www.com2usa.com
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
|