Re: [fw-wiz] Virtualization and firewalling?



The only firewall virtualization I have seen is VSX, Crossbeam, and
Shasta, but I don't know of any host-based solution per-se. Is there some
issue I'm missing (since I have not tried this myself) installing some
centrally managed host-based FW/IPS on VM's?

On Sun, 18 Mar 2007, Paul D. Robertson wrote:

On Sun, 18 Mar 2007, Robby Cauwerts wrote:

Now we're starting to see a big push for hardware virtualization, is
anyone seeing a move to per-virtual-system firewalling on the hosting OS?


This is already available for years on the firewall market.
Check Point VSX (If money is no problem), Cisco ASA with their security
contexts, ....

Aren't these just a way of packaging rules on an appliance rather than
providing access control on a hosting OS? While there's likely to be some
immediate benefit from appliances if you do moving of guests around the
same physical subnet, that's not going to scale to moving to alternate
locations very well, where you're going to need the hosting OS anyway.

Also, as we get to things like the newer Linux KVM, won't we start to see
the ability to compratment based on the hosting system being part of the
TCB?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
http://www.fluiditgroup.com/blog/pdr/

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



--
Carric Dooley
COM2:Interactive Media USA
http://www.com2usa.com


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Firewalls
    ... MS Exchange Hosting: http://www.intermedia.net/exchangehosting ... Windows 2000 Web Hosting: http://www.intermedia.net/webhosting ... W98 doesn't have it's firewall. ... >ISP - it may block some ports for security reasons. ...
    (microsoft.public.security)
  • Re: Firewalls
    ... W98 doesn't have it's firewall. ... Did you try to disable "Internet Alert" ... MS Exchange Hosting: http://www.intermedia.net/exchangehosting ...
    (microsoft.public.security)
  • Firewall choice for web hosting
    ... I am looking into a new firewall choice for organisation I have just ... joined which hosts a very large volume web site. ... Normally I would use Cisco PIX products, a choice based somewhat on my ... For a hosting only solution I am wondering if there is a better ...
    (comp.security.firewalls)
  • Re: Proofread this setup
    ... We arent hosting e-mail, ftp or a web ... webhosting.com), ... > The symantec firewall IS hardware based. ...
    (comp.security.misc)