Virtual Machines - Rapid Security Tool Deployment - Darren Miller

You may reprint or publish this article free of charge as long as the bylines are included.

Original URL (The Web version of the article)

------------



Title

------------

Virtual Machines

Rapid Security Tool Deployment

------------

Virtual Machines - Many of you have probably heard of them, and/or even used them . But for those of you who have not, here is a brief description.

Virtual Machines, or OS Virtualization, allows heterogeneous operating systems to run simultaneously on the same physical hardware. In a very basic form, imagine running Windows XP, Windows 2003 Enterprise Server, and Linux on the same computer at the same time. Each virtualized operating system, or environment, has access to disk drives, memory, video, input devices, and communications devices, all at the same time, on the same system.

Before we conclude this article on how virtualization is used to rapidly and securely deploy security toolsets, we will provide you with links to Virtual Machine software you can work with on a trial bases (or purchase) and at least one that is free of cost.

How We Use Virtual Machines For Various Testing

------------

Although the majority of the work we do is security assessment, we routinely deploy security measures such as perimeter defense, or enterprise firewall solutions. Many times, we are replacing an existing defense system and need to make sure that when we cut-over to the new system, everything will function properly. For instance, when deploying a firewall, or firewall clusters, we can simulate the cluster design by installed the software into virtual machines, on one physical system, and test the internal firewall to firewall communications. Also, prior to deploying the firewalls, we can create a virtual machine to represent each network protected by the firewalls and test connectivity / communication on each network e.g. Internet, private network, DMZ's, and other protected nets, all with just one system (usually a beefy laptop with a good bit of memory). This method of testing prior to cutting over has proven invaluable and mitigates the risk of serious problems that might present themselves.

How We Use Virtual Machines In Security Assessments

------------

Each time we perform a security assessment for a customer, we utilize specialized and proprietary software / tools. However, once the assessment is completed, and we move on to the next test or new customer, we need to start with a clean platform. We never use the same OS install or instance of tools for different testing phases or different customers.

Using Virtualization, we have pre-created many operating environments such as Windows, Linux, BSD, and Solaris to name a few, with clean installs and hardened operating systems. These pre-created, secure environments also contain all the necessary tools for the type of customer environment and security assessment we will be working on. By using Virtual Machines, we can deploy our testing platforms within minutes, not hours, and feel confident they are secure and ready to function. In fact, we can carry many of these ready-to-go operating environments with us when we travel using high capacity external disk systems. Typically the size of a regular paperback book.

How Else Can Virtual Machines Be Used

------------

The application, use, and benefit of Virtualization is quite broad. For people at home, or technical people who wish to learn new operating environments, Virtual Machines can be a great tool for learning. Instead of purchasing multiple physical machines to install the operating system and applications you wish to become educated on, you can purchase one performance based system, even a laptop, and use virtualization to run them all at once. They can even be configured quite easily to communicate with each other.

Another "big" benefit in using Virtual Machines, is they can be configured to more effectively and efficiently utilize your hardware investment. For instance, instead of purchasing two mid-range systems to run two different applications, you could purchase one an use virtualization to run them side-by-side. In many cases, when using dedicated systems for just one or two applications, the hardware is underutilized. Would it be a wise investment if the server you purchased is only being used at say, "25" percent of its capacity / capability? Virtualization can help you maximize the investment you make in performance based systems, and has the added benefit of server consolidation.

Conclusion

------------

Even if you are just curious about Virtual Machine technology, it can b a great way to learn many aspects of computing and network essentials. There are several major players within the Virtualization industry, such as VMware. VMware provides commercial Virtualization products, even for workstation or desktop environments. You can also visit Xensource, a great open-source (at no cost) Virtual Machine solution. They have a demo you can download, burn to CD, and boot from, or you can download the entire product and install it on a dedicated system.

Regardless of the reason you have for looking into Virtualization, I can tell you that this technology as going to be a big player in the near future. In fact, processor manufacturers are even taking steps to create processors that are Virtual Machine aware.

About the author:

About The Author

------------

Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@ParaLogic.Net. If you would like to know more about computer security and auto-dialer virus please visit us