On Tue, Jan 27, 2009 at 17:42, pfsense sense <[email protected]> wrote: > has anyone considered the possibility of intergrating xen with pfsense ? > > i might be loosing my mind but wouldn't it be nice to have a pfsense running > on harware and a vistualization environemnt that allow us to install our > OS's of choice perfectly protected behind pfsense ? > > does anything else think it's a good idea ?
Regardless of what virtual appliance vendors would like to tell you, network security solutions aren't particularly well-suited for virtualization. Response times will never be as good as those on the raw hardware, and there are more subtle concerns with the added complexity, particularly in failover situations. Even more disconcerting is exposing the hypervisor within which the rest of your presumably sensitive infrastructure runs to edge security concerns. That said, there's nothing stopping you from running on an HVM-aware solution - I personally use Linux KVM on a Phenom 98xx, and Xen has at least some HVM support. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
