That is true that it doesn't say anything about whether the firewalls
need to be physical devices or not. The only thing I would be wary of
is what is coming down in the next version which is supposed to be out
in a couple of months.
On May 8, 2008, at 12:37 PM, Terry wrote:
> Hello all,
>
> I am throwing around the idea of using linux firewalls in vmware for
> customer environments. The customers may or may not have
> HIPAA/PCI/sOX/etc requirements. This is in the planning stages. Any
> of you have experience heading down this route? PCIDSS doesn't
> explicitly state problems with virtual firewalls, it seems to focus on
> the logic of the rules.
>
> Thanks!
