Virtualization is proven to be not safe, as virtual device drivers are
not written with security in mind. So the physical separation (remember,
"VLAN is not a security feature") does the thing proper and seems to be
the only solution.

On Fri, Nov 09, 2007 at 08:19:56PM +0100, Matej wrote:
>
> -a bastian host is a good idea, but I would suggest a Linux server for
> the setup, that might reduce your hardware costs
>
> -the best way to open those ports, would be to restrict them by source
> and destination addresses (in the example we narow down the scope)
>
>
>
> My idea:
>
>
>
> You could use a virtualization product. I had some positive
> experiance.
>


_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards