Isp wan connected directly to Xcp-ng and run Pfsense vm (any security concerns)

Hi, I have a Dell Poweredge R330 that I run Xcp-ng on with 2 built-in network ports.

Is it safe to use network port nr. 2 as Isp wan which is only connected to the Pfsense Vm and nic 1 as Lan and management network?

How is the security in Xcp-ng Considering that the isp wan is connected directly to dom0 without any firmware or router?

Or do I have to have the dedicated pci network card that I can pass through to the Pfsense Vm to increase security?

There are no known flaws at this time so if you properly configure it things should be secure, if a flaw does come up or you misconfigure it, then it’s not going to be secure. Pass through card is a better option.

ok thanks for reply :slight_smile: