Wow.

Very encouraging - so now I am excited again!

I am going to attempt to convert the VMWARE files to Virtual Iron - a  
Virtualisation Platform, in my opinion, equally as functional as  
VMWare, but simpler to use, and of course - a lot more cost effective.

I have no idea if the migration will work - but I will try it - and  
feed back to everyone on this list.

The 'interesting' thing about Virtual Iron, is that it does not have  
any concept of 'Virtual Switch' but instead, just VLAN groups. We run  
Layer 3 switches, which handle all the VLAN stuff - so if we can get  
MonoWall working with Virtual Iron, perhaps this might end up being a  
very simple / effective means to double protect virtualisation  
platforms, who are already placed behind primary firewalls on the edge.

Lets roll!!

Jeff

On 9 Sep 2008, at 18:48, Lee Sharp wrote:

> Jeff Rhys-Jones wrote:
>> I have taken a good look at Monowall and think it's a great bit of  
>> coding. Monowall has a very small OS footprint, and is therefore  
>> idea to run in virtual environments.
>> Initially I was very excited about the VMWare version of Monowall,  
>> as I can see a clear need for people to use Firewall VM appliances.  
>> It's a hot topic right now.
>> However, on reading the manual - it could not be spelt out clearer,  
>> the message is this: DO NOT USE IT FOR PRODUCTION!
>> What I would really like to know is - why?
>
> Simple reasons.
>
> 1) It is less secure than a dedicated box.
>
> 2) It is very complex to set up correctly, and have networking  
> actually work.
>
> 3)  It is a complex environment, and when (not if) something breaks,  
> we don't want the blame.
>
> Knowing that, if you want to go forward, go for it!  It is a  
> warning, not a rule.
>
> 			Lee
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>