Hmmm, I've been wondering about that myself (yes, I too have heavy ties into it).

For the moment (I say with my tongue in cheek) I think we're still reasonably safe; it takes a whole other way of thinking to start attacking at hardware level, and I think there aren't a lot of people going there right now.

This doesn't mean it can't happen; there's a reason that Symantec and Intel are joining forces to develop chips with hardcoded security measures in them. Sure, it's part marketing and sales tricks, but then again ...

As long as I don't see proof of the opposite (and I mean real proof, not the ifs and whens) that hopping between virtual switches that aren't connected is NOT possible, I'll be installing a firewall on bare metal ...