nuqneH,

Looks like I am being forced into designing an all-in-one box with extended functionality, combining a firewall and a bunch of services I really don't like putting into a firewall, but they say it's a marketing demand ;-) The services are antispam/antivirus filters, IDS correlator and so on.

I strongly decline running those in the same address space. So using system call wrappers like FreeBSD jail is not sufficient. I'd prefer a BSD-like system, but the only thing that does fit my needs seems to be User Mode Linux. Are there other things worth detailed analysis? boschs (if I remember the name correctly) has terrific performance overhead, VMware is proprietary.

Another question is inter-instance communication. I need a kind of loopback interface to let components talk to each other without allowing access to the physical NIC when it is not required.

Any hints?

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards