On 23/11/10 13:56, Bahador NazariFard wrote:
OK
You are right.
But you know in this case your security level is not higher than virtual
machine.
Because your security level in complex chained system is not higher than
weakest point.In fact you are accepting the risk of using virtual machine.
I think in this case if your virtual machine system is not stronger than
OpenBSD you should not use it.
If one can exploit virtual machine he/she can hurt your platform.
I think virtual systems are very very useful but they are not very good for
security box.
I think virtual machine is one of your assets that you should be able to
protect it.
because it may have many guest and provide several services for your client
.
For example in this senario you can not protect your network even your
firewall box against DoS or DDoS attack.
because your virtual machine has to get a lot of packet before your
firewall.
This is a good post. I have esxi servers and they work well, but you'd
have a hardware firewall sitting at the front of network, unless you
want to do firewall testing etc. If you can afford to get some esxi
servers, I'm sure you can pay the little bit extra to get an OpenBSD
firewall on the go, even two for that matter