Migrating from Bare Metal to ESXi VM

  • Hi, I am currently running a baremetal PFsense, but contemplating on migrating into an ESXI server.

    I have two questions I would like to ask please:

    Would assigning a dedicated NIC in Passthrough manner make it more secure compared to E1000 or VMXNET3? Or is it more complexity for no apparent security gain?

    The WAN link will be directly connected to the Internet, no ISP router (Only modem mode). would this reduce security?

    Thanks in advance.

  • I virtualized mine maybe 3 months ago partly as an "I'm stuck at home and need a project" and partly for energy savings. My server has the ram and plenty of CPU so what the hey lets try. I didn't passthrough. Decided instead to setup separate vswitches/portgroups and just dedicate nics that way; one for WAN and another for LAN and put PFSense VM in both portgroups. I'm using the free ESXI 6.7.

    These days, mixing servers/IOT and desktops in the same LAN is probably a bigger security issue than virtualizing PFSense.