Security Watch

Virtualize This

Test networks on Microsoft Virtual Server 2005 beta.

Today, I can conceal a complete computer in the pockets of my baggy jeans and carry a complete network in a laptop case. Life just doesn't get any better than this.

I love the freedom of traveling about unencumbered. When I need basic computing power, I bring it along in a PDA. But when I need more than word processing and e-mail, I grab my high-powered laptop. I've got Microsoft Virtual PC on board and can boot up a complete Active Directory network that includes Exchange, IAS, a Certification Authority and just about anything else I might want to play with or demo. The limitation at this point is memory. Still, I can have four or five machines in my network, and when I want to, can even set up an ISA server and simulate an Internet-DMZ-private network scenario. It's a great tool for looking at defensive strategies or demoing secure access. Who'd have thought I'd be able to park a fully-functioning network on the tray table of my airplane seat?

You can join in the fun, but other than satisfying your geekoid desires to play in a virtual sandbox, what else can you do? Running a network in virtual machines on top of Windows XP is fun; what if you need a more production-oriented playground?

Grab yourself a copy of the Microsoft Virtual Server 2005 beta, slap it on a Windows Server 2003 box and jump into the future today. Virtual Server 2005 provides a more powerful environment for virtualization. Basically, like the PC version, virtual server allows you to use software to partition a single computer into multiple environments. Use it as a test network for development or patching. Use it to host those NT 4.0-based applications you're not ready to migrate to Windows 2003 yet or don't want to waste the power of a modern hardware platform on. With virtual server you can host several legacy systems. Use it to do a lot in a little space and reduce the overhead of maintaining many hardware systems.

So, how is this a good thing for security? For one thing, you can sandbox the operations away from your production network. You can also easily test new patches, new configuration recommendations and new security products in an inexpensive, risk-free environment. Set up a virtual system that mirrors your production environment and have at it. Turn off the virtual servers, and at your discretion, save the new configuration or return to the system state you had when you booted the virtual machine. When you're ready, take the same steps in your production network. Virtual server's another tool you can use for production.

Don't forget, however, what a great tool it can be for training, learning and experimentation. Nervous about rolling out PKI? A little leery of radical Group Policy-initiated security changes? Concerned about adding new products to your stable infrastructure? Lack the money to duplicate your production environment? Just want to get some hands-on for things you don't see and do every day? Need to be able to work things out while you're on the road? All of these things are also great reasons for taking the opportunity now to test virtual server. If you like it, you'll have the data you need to justify its purchase later on. If you don't, there's still time to tell Microsoft why.

To apply for beta participation, go to: http://www.microsoft.com/windowsserversystem/virtualserver/default.mspx and follow the link.

One caveat: You must have the appropriate licenses for every virtual server you load in the Virtual Server 2005 beta.

About the Author

Roberta Bragg, MCSE: Security, CISSP, Security+, and Microsoft MVP is a Redmond contributing editor and the owner of Have Computer Will Travel Inc., an independent firm specializing in information security and operating systems. She's series editor for Osborne/McGraw-Hill's Hardening series, books that instruct you on how to secure your networks before you are hacked, and author of the first book in the series, Hardening Windows Systems.

Featured

  • Get More Out of Your Outlook Inbox with TakeNote

    Brien comes across a handy, but imperfect, feature in Outlook that lets you annotate specific e-mails. Its provenance is something of a mystery, though.

  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

  • SharePoint Online Users To Get 'Modern' UI Push in April

    Microsoft plans to alter some of the tenant-level blocking capabilities that may have been set up by organizations and deliver its so-called "modern" user interface (UI) to Lists and Libraries for SharePoint Online users, starting in April.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.