View Single Post
  #5  
Old 28th November 2011, 01:36
neofire neofire is offline
Member
 
Join Date: Feb 2011
Location: Brisbane, QLD Australia
Posts: 35
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hey 3zzz

The Reasons i Suggested a physical machine if pfsense is going to be edge firewall, (and mmidgett nailed one of the reasons) is purely from Disaster Recovery point a view ( all eggs in one basket situation ) and the other reason is security and expandability, i have seen one situation where a client had a VM firewall on the same host as his production VMs and (his firewall was setup quite poorly) and some one managed to hack and gain access to his VMware ESXi Console, and cause considerable damage to his environment

In regards to expandability, if you want to build a DMZ for example i personally like other hardware to control this and not have my esxi touching the dmz at all

if you have any more questions or concerns feel free to ask
Reply With Quote