4

We have a private bay in which we built a private cloud with vmware vSphere. We received directly the web trafic on a firewall VM and then we forward the trafic to the appropriate VMs.

We are worry about this situation because the first machine direcly exposed to the web is the vmware hyperterminal. Is this a common and safe architecture? Is it better to do this kind of architecture or to put the firewall on a dedicated server?

Julio
  • 155
  • 2
  • 7

1 Answers1

2

Please use a dedicated firewall device. A Cisco ASA 5505 firewall is a good option.

There are many questions about using a virtualized firewall in ESXi to bridge external and internal connectivity. People should not do this.

ewwhite
  • 197,159
  • 92
  • 443
  • 809
  • Thank you, one last question is this cisco firewall better than a dedicated server with pfsense? – Julio Dec 14 '14 at 12:49
  • 1
    Can you provide justifications or at least links that describes the pros/cons of virtualized firewall. – Lie Ryan Dec 14 '14 at 14:55