PFsense + vrtual ?
-
Hi all i was just wondering if i can setup pfsense on a virtual server ? and how secure this will be ? i will have 3 separated nics 1 Wan 2 Lan 3 DMZ
on the virtual server. the installation pf will go to a separated harddrive. what does you guys think off that ? Would it be more less secure ? than running a separated PFsense firewall ? -
We're running PfSense on Vmware ESX, and I don't see why it would be less secure then running it on a physical box.
Note that there is in fact a connection possible from the VM to the host(for example Vmware tools), which can be a security risc, but to get access to the guest(pfSense) you have bypass pfSense's security first.Running pfSense on Vmware Server/Workstation or Microsoft VirtualPC/HyperV would be less secure because of the way network has to be configured. For example: Installing a new driver for your host OS network card can reset (windows)settings(or the interface name) on that card causing that network card(you use - for worst case schenario WAN) to lose it's dedication to Vmware/VirtualPC and use default DHCP settings. This could be BAD.
On ESX this can not happen.Opinions on this topic vary by the way, and i'm not a real security guy.
-
I just rebuilt my PF-Sense server back on my XenServer 5.0 Enterprise Edition. It is working like a charm. I am using verison:
1.2.3-PRERELEASE-TESTING-VERSION
built on Sat Mar 28 00:13:48 EDT 2009It is extreamly stable and very fast. I am running serveral services and seeing a little slow response but I am will to take that with all the new virus's running around. A little extra protection is work it.
As far as my configuration goes:
I have a dedicated nic for the WAN interface, LAN interface and a shared interface on the OPT1 interface. No issues here.Citrix is now providing enterprise product for free. It works great.
RC