February 06, 2008

Isn't My Physical Firewall Good Enough?

When looking at how to secure virtual servers within the data center, many people immediately assume that physical firewalls and similar controls already in place are protecting those virtual servers.

The answer to the question of whether physical firewalls are good enough is no. Physical firewalls and some virtual security products sit inline between the virtual machines and the physical network. They provide security between the physical world and the virtual world but provide no security within the virtual world.

[Diagram: VM-to-VM security problem]

If one VM is trying to access another VM, how can you enforce security policy between those VMs? The physical firewall isn't in the communication path, as you can see from the diagram to the left.

So the only way to provide VM-to-VM controls is to run either host-based security solutions or a security solution that sits in the VM-to-VM communication path (a Virtual Security Switch).

-JP
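To make the blind spot concrete, the following added example (not part of the original post) classifies flows by whether they ever reach the physical network, and goes one step beyond the post by showing how moving a VM changes the answer. The host names, VM names, flows and the `after_move` helper are constructed for illustration, and the model assumes that two VMs on the same host and the same virtual switch are switched inside the hypervisor.

```python
from collections import namedtuple

# Constructed inventory: VM name -> (hypervisor host, virtual switch on that host).
VM = namedtuple("VM", "host vswitch")
INVENTORY = {
    "web01": VM("esx-a", "vSwitch0"),
    "app01": VM("esx-a", "vSwitch0"),
    "db01":  VM("esx-a", "vSwitch1"),
    "web02": VM("esx-b", "vSwitch0"),
}

# Constructed flows the security policy is supposed to govern: (src, dst, port).
FLOWS = [
    ("web01", "app01", 8080),
    ("web01", "db01", 3306),
    ("web02", "app01", 8080),
]

def leaves_host(src, dst, inventory=INVENTORY):
    """True if the frame must exit through a physical NIC.

    Simplifying assumption: VMs on the same host and the same virtual switch
    are switched inside the hypervisor; any other pair uses an uplink.
    """
    a, b = inventory[src], inventory[dst]
    return (a.host, a.vswitch) != (b.host, b.vswitch)

def blind_spots(flows, inventory=INVENTORY):
    """Flows that no inline physical device can see or filter."""
    return [f for f in flows if not leaves_host(f[0], f[1], inventory)]

def after_move(inventory, name, host, vswitch):
    """Return a copy of the inventory with one VM placed elsewhere (hypothetical helper)."""
    moved = dict(inventory)
    moved[name] = VM(host, vswitch)
    return moved

if __name__ == "__main__":
    print("invisible to physical firewall:", blind_spots(FLOWS))
    moved = after_move(INVENTORY, "web02", "esx-a", "vSwitch0")
    print("after moving web02 to esx-a:", blind_spots(FLOWS, moved))
```

A flow that leaves the host is only a candidate for physical enforcement; whether a firewall is actually inline still depends on the physical network design.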
