I just attended a VMUG where they brought in a heavy hitter that quite effectively made the case for their new product, VMware vDefend Distributed Firewall (formerly known as VMware NSX Distributed Firewall). The primary focus of my job is getting us off of VMware, so I don't care about his product. If it's not free, it's a non-starter.
He did impress upon me the unique vantage point of the hypervisor as a place to interdict the spread of ransomware. With 80% of your enterprise virtualized, the hypervisor sees all. Its surveillance and interdiction capability cannot be circumvented like an agent. My NetAdmin, however, is unimpressed.
So here's my question(s).
- What does the PVE firewall bring to the table that you can't get via your physical network stack?
- I see it does Suricata. That's cool. How's that working out for folks?
- Is there anything else wonderful about the PVE firewall? Or maybe is it a POS that I should stay away from?