Virtualization has many obvious benefits, but the one that stands out to me is being able to use it for security vulnerability testing. One of the things that has frustrated me the most over the years is how security testing tools will junk up your system – especially Windows. Install enough vulnerability scanners, network analyzers and so on over time and you’ll undoubtedly be cussing like a sailor when system slow downs, instability and blue screens of death creep into your work. Oh, not to mention the ever-frustrating situation whereby your anti-virus software “cleans” your vulnerability testing tools right off of your system!
The neat thing with virtualization software such as VMWare Workstation, VirtualBox and the lesser-known Windows XP Mode in Windows 7 (that I recently wrote about for SearchEnterpriseDesktop.com) is that you can create a virtual security testing environment to muck up as much as you’d like without having to worry about affecting your day-to-day productivity by creating problems on your local system. When problems do arise in your virtual environment, you can simply fall back to an older image that works, or just quickly recreate a new one.
I know it seems like it’d be easier to have a dedicated computer to run your security tests from. However, doing everything on one system increases efficiency when you need to be mobile and share files between the host and virtualized systems. Plus, it gives you an excuse to invest in a high-end laptop that you may not be able to justify otherwise.
Kevin Beaver is an independent information security consultant, keynote speaker, and expert witness with Principle Logic, LLC and a contributor to the IT Watch Blog.