More on virtualization
I know I’m late to the virtualization game but I still have to blog about how impressed I am with it.
I recently got a new Intel-based mac with a Core 2 Duo processor, 3 GB RAM and a 200 GB hard drive and a copy of Parallels software. Parallels is VMWare for a Mac.
I’ve already built and replicated an XP workstation image; the original without IE7 and the replica with IE7. Now I can fire up the WinXP-IE7 image and test internal apps and sites with IE7 ’till I’m blue in the face and not worry that its breaking my stuff (which it does).
I also have two Windows 2003 Servers; one with IIS and the original as a template to spin off others. I just used the 2k3SRVR-IIS image to build a hardening template using Microsoft’s Security Configuration Wizard, or SCW. Now when I need to harden IIS servers, I already have a template from which to work.
And those are just two examples of how virtualization will make me more efficient and effective. I can also test exploits against virtual machines, share images with colleagues, etc. Last night I found instructions on how to convert VM images to Parallels images. That means I can get copies of production virtual machines, convert them to Parallels and then test exploits and see REAL WORLD results.
I can use virtualization to test patches, configuration changes, etc. The list goes on.
I spoke to a friend of mine who manages an IT team for a city government and he said starting in ’07 they are phasing in dual-core laptops with virtualization software as a standard, so they can get rid of a lot of junk in their labs and under their desks. That’s going to make his team so much more efficient because it makes testing easier by degrees.
Think about it; a team can have a central location to store read-only, baseline images of Exchange servers, IIS servers, typical desktop configurations complete with installed software; the woyks! Then if, say I wanted to test an attack against our Exchange server, I could download the Exchange image and pound on it all day and not worry about impacting users but still be confident that my testing is fairly close to “real world” scenarios. I can even do all the testing on my laptop and ensure that the test machine can only network with my machine. That way it doesn’t pose a risk to the network and vice versa.
If you aren’t monkeying with virtualization yet you should. It just rawks.
