Rich Freeman on 7 Jul 2017 04:19:57 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fios Quantum Gateway Router / Cabling type

On Thu, Jul 6, 2017 at 10:37 PM, Lee H. Marzke <> wrote:
> I believe VMware has government certification that verify that.   The old days of requiring an air-gap between
> different security levels is long gone - and VMware NSX provides much more security than air gap.

I wouldn't call a firewall an "air gap."  When you have an air gap
between different security levels there is simply no way for them to
communicate at all.

In any case, how can anything provide "much more security" than either
a firewall or an air gap, especially at that level of abstraction?

I'm not arguing that NSX isn't secure.  The statement above just
seemed to go a bit far with the claim.

I could see the argument that an implementation of a
firewall/network/etc that provides a more clearly defined
infrastructure would be more secure than an implementation that does
not, because it reduces the risk of a configuration error.  Tools for
orchestration and software-defined infrastructure can help provide
security to ensure that every host only talks to exactly the hosts it
needs to, for example.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --