Test networks on Microsoft Virtual Server 2005 beta.
- By Roberta Bragg
Today, I can conceal a complete computer in the pockets
of my baggy jeans and carry a complete network in a laptop case. Life
just doesn't get any better than this.
I love the freedom of traveling about unencumbered. When I need
basic computing power, I bring it along in a PDA. But when I need
more than word processing and e-mail, I grab my high-powered laptop.
I've got Microsoft Virtual PC on board and can boot up a complete
Active Directory network that includes Exchange, IAS, a Certification
Authority and just about anything else I might want to play with
or demo. The limitation at this point is memory. Still, I can have
four or five machines in my network, and when I want to, can even
set up an ISA server and simulate an Internet-DMZ-private network
scenario. It's a great tool for looking at defensive strategies
or demoing secure access. Who'd have thought I'd be able to park
a fully-functioning network on the tray table of my airplane seat?
You can join in the fun, but other than satisfying your geekoid
desires to play in a virtual sandbox, what else can you do? Running
a network in virtual machines on top of Windows XP is fun; what
if you need a more production-oriented playground?
Grab yourself a copy of the Microsoft Virtual Server 2005 beta,
slap it on a Windows Server 2003 box and jump into the future today.
Virtual Server 2005 provides a more powerful environment for virtualization.
Basically, like the PC version, virtual server allows you to use
software to partition a single computer into multiple environments.
Use it as a test network for development or patching. Use it to
host those NT 4.0-based applications you're not ready to migrate
to Windows 2003 yet or don't want to waste the power of a modern
hardware platform on. With virtual server you can host several legacy
systems. Use it to do a lot in a little space and reduce the overhead
of maintaining many hardware systems.
So, how is this a good thing for security? For one thing, you can
sandbox the operations away from your production network. You can
also easily test new patches, new configuration recommendations
and new security products in an inexpensive, risk-free environment.
Set up a virtual system that mirrors your production environment
and have at it. Turn off the virtual servers, and at your discretion,
save the new configuration or return to the system state you had
when you booted the virtual machine. When you're ready, take the
same steps in your production network. Virtual server's another
tool you can use for production.
Don't forget, however, what a great tool it can be for training,
learning and experimentation. Nervous about rolling out PKI? A little
leery of radical Group Policy-initiated security changes? Concerned
about adding new products to your stable infrastructure? Lack the
money to duplicate your production environment? Just want to get
some hands-on for things you don't see and do every day? Need to
be able to work things out while you're on the road? All of these
things are also great reasons for taking the opportunity now to
test virtual server. If you like it, you'll have the data you need
to justify its purchase later on. If you don't, there's still time
to tell Microsoft why.
To apply for beta participation, go to: http://www.microsoft.com/windowsserversystem/virtualserver/default.mspx
and follow the link.
One caveat: You must have the appropriate licenses for every virtual
server you load in the Virtual Server 2005 beta.
Roberta Bragg, MCSE: Security, CISSP, Security+, and Microsoft MVP is a Redmond contributing editor and the owner of Have Computer Will Travel Inc., an independent firm specializing in information security and operating systems. She's series editor for Osborne/McGraw-Hill's Hardening series, books that instruct you on how to secure your networks before you are hacked, and author of the first book in the series, Hardening Windows Systems.