Virtual firewall definition
A virtual firewall is a service or device that filters and monitors network traffic for virtual machines (VMs) in a virtual environment. Like a network firewall, a virtual firewall inspects each data packet using security policies and blocks unapproved traffic between virtual machines. Companies use virtual firewalls (typically deployed as a software appliance) as a network security solution to protect environments in which using hardware firewalls is difficult.
How virtual firewalls work
- Virtual firewalls filter data packets within a virtualized environment by managing and controlling traffic that comes and leaves the network.
- A virtual firewall works in conjunction with switches and servers to block unauthorized access to the network.
- Each virtual switch maintains a table with entries describing known networks and their directions. Using these switches, virtual firewalls can grant or reject access to the network.
Virtual firewall modes
- Bridge mode: Diagnoses and monitors the virtual machine’s incoming and outgoing traffic. Bridge mode works more like a traditional firewall.
- Hypervisor mode: The firewall works in isolation from the physical network and resides in the core hypervisor kernel. It handles the connection between the virtual machines and the host computer’s resources.
Virtual firewall benefits
- Protects the virtual network
- Helps prevent cyberattacks (e.g., remote access)
- Reduces an organization’s attack surface
