Firewalls
virtual firewalls -- compliance May 08 2008 07:37PM Terry (td3201 gmail com) (10 replies)
Re: virtual firewalls -- compliance May 10 2008 12:00AM Joseph Jenkins (maillist breathe-underwater com)
RE: virtual firewalls -- compliance May 09 2008 11:51PM Craig Wright (Craig Wright bdo com au) (1 replies)
RE: virtual firewalls -- compliance May 12 2008 04:53PM Dan Lynch (DLynch placer ca gov) (1 replies)
RE: virtual firewalls -- compliance May 12 2008 09:24PM Craig Wright (Craig Wright bdo com au) (1 replies)
Re: virtual firewalls -- compliance May 20 2008 01:23PM David M. Zendzian (dmz dmzs com) (1 replies)
That's an interesting problem. For PCI - at least in my interpretation
(please correct me if you do these assessments for a living) - as long as
the VM parent, or the linux VM children are not controlled or accessed by
other customers and you as the provider (or whoever manages the box) adhere
to the DSS requirements, it should audit well. It's about segregation,
logical or physical, as long as a client doesn't have access to break out and
tamper with config which could alter their segregation, I think it's fine.

Now, if you're going to host multiple customers behind those firewalls,
you'll want to VLAN each of them and probably not share a netblock among
them - again for isolation purposes.

But again.. I'm not specialized in this area. If you find the answer to
this, please let me know. I'd love to get this straight as well.

On Thu, May 8, 2008 at 3:37 PM, Terry <td3201 (at) gmail (dot) com [email concealed]> wrote:
> Hello all,
>
> I am throwing around the idea of using linux firewalls in vmware for
> customer environments. The customers may or may not have
> HIPAA/PCI/SOX/etc requirements. This is in the planning stages. Any
> of you have experience heading down this route? PCIDSS doesn't
> explicitly state problems with virtual firewalls, it seems to focus on
> the logic of the rules.
>
> Thanks!
>
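The per-customer segregation suggested in the message above (a VLAN for each customer, no netblock shared among them) can be checked against an inventory before an audit. This is an added example, not part of the original thread; the customer names, VLAN IDs and netblocks are constructed sample data, and the inventory format is an assumption.

```python
import ipaddress
from itertools import combinations

# Constructed inventory: hypothetical customers, VLAN IDs and RFC 1918 netblocks.
TENANTS = [
    {"customer": "cust-a", "vlan": 110, "netblock": "10.10.0.0/24"},
    {"customer": "cust-b", "vlan": 120, "netblock": "10.10.1.0/24"},
    {"customer": "cust-c", "vlan": 120, "netblock": "10.20.0.0/24"},    # reuses cust-b's VLAN
    {"customer": "cust-d", "vlan": 140, "netblock": "10.10.1.128/25"},  # sits inside cust-b's block
]


def isolation_findings(tenants):
    """Return sorted (kind, customer_1, customer_2) tuples for every pair of
    different customers that shares a VLAN ID or has overlapping netblocks."""
    findings = set()
    for a, b in combinations(tenants, 2):
        if a["customer"] == b["customer"]:
            continue  # several segments of one customer are not a cross-customer issue
        pair = tuple(sorted((a["customer"], b["customer"])))
        if a["vlan"] == b["vlan"]:
            findings.add(("shared-vlan",) + pair)
        # ip_network() raises ValueError on a malformed block or one with host bits set,
        # so a typo in the inventory fails loudly instead of passing the check.
        net_a = ipaddress.ip_network(a["netblock"])
        net_b = ipaddress.ip_network(b["netblock"])
        # overlaps() also catches a smaller block nested inside a larger one,
        # which a plain string comparison of the two netblocks would miss.
        if net_a.overlaps(net_b):
            findings.add(("overlapping-netblock",) + pair)
    return sorted(findings)


if __name__ == "__main__":
    for kind, first, second in isolation_findings(TENANTS):
        print(f"{kind}: {first} <-> {second}")
```
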