Packaged virtual appliances in a nutshell

Virtual security appliances — because the vendor who can’t be bothered to package their software to work with multiple OS versions is completely trustworthy to throw in an arbitrary version of Linux, harden it, and keep it up-to-date also.

Chris Hoff has written a nice series of posts about this trend.  The approach of sticking servers from multiple trust domains on the same SAN is a lot like installing a firewall, then tunneling all your apps over http.  Won’t we ever learn?