[ previous ] [ next ] [ threads ]
 
 From:  Jeff Rhys-Jones <jeff at acc dash international dot co dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Why should one not use Monowall for production systems on a VM Platform
 Date:  Tue, 9 Sep 2008 17:48:31 +0100 
I have taken a good look at Monowall and think it's a great bit of  
coding. Monowall has a very small OS footprint, and is therefore idea  
to run in virtual environments.

Initially I was very excited about the VMWare version of Monowall, as  
I can see a clear need for people to use Firewall VM appliances. It's  
a hot topic right now.

However, on reading the manual - it could not be spelt out clearer,  
the message is this: DO NOT USE IT FOR PRODUCTION!

What I would really like to know is - why?

Is it something to do with a fundamental issue - like performance -  
security?

I have had a trawl through these lists and it seems that people *are*  
using monowall on ESX - and it seems that from what most people say -  
the main issue are issues / mis-configurations of  virtual switches.

If used as an additional layer of security (in a virtual data centre,  
behind a dedicated firewall and providing better VM to VM segregation)  
- would it hurt?

Or would it cause everything to fall to bits?

Anyone?

Jeff

ACC International Ltd

t: +44 (0) 20 70436093
f: +44 (0) 20 70436099
e: jeff at acc dash international dot co dot uk