virtual firewalls -- compliance

Hello all,

I am throwing around the idea of using linux firewalls in vmware for
customer environments.  The customers may or may not have
HIPAA/PCI/sOX/etc requirements.  This is in the planning stages.  Any
of you have experience heading down this route?  PCIDSS doesn't
explicitly state problems with virtual firewalls, it seems to focus on
the logic of the rules.

Thanks!