Ideal lab with an eye on security

Hey all,

I wanted some opinions on what the ideal lab would be for someone with an eye on security. I know I have many milestones I must hit before I get that coveted entry level security position, but I want the best possible lab to learn the things I will need to know on my journey. I want something that I can do sys admin type things on, AD, exchange, deployments as well as database environments like SQL. I also want something that I can setup to attack varying VM's. I would like something powerful enough to sustain me for a couple years. I would like to include switches, routers, and other hands on equipment. I have a decent budget, but of course would like to get the best cost/quality ratio. I am just so overwhelmed at this point with all of the options that I feel like I am drowning. As always, any and all advice is welcome, thanks!

Find more posts tagged with

Comments

ehnde

You are aware that you'll be needing to use virtualization, that's a good start

Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.

I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.

What you are seeking is pretty broad, and to accomplish all that you want can easily take several years. You mentioned AD, SQL, networking, security.....I'd say pick what you're most interested in and start there.

Active Directory - MCTS 70-640
SQL - Microsoft SQL Server Certification l Database Administrator and Developer or perhaps oracle?
Networking - Check out the CCENT
Security - CompTIA Security+

blargoe

Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM. You can take this setup and easily run a domain controller and 2-3 exchange servers, for example. When you are comfortable with both navigating/administering the VM host and the environment within, you could add perhaps an external switch with VLAN capability and a firewall and integrate that into your environment... set up a real external facing email server or web server with SQL backend and attack it to your hearts content... the possibilities are really endless

mattlee09

blargoe wrote: »

Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM.

QFT.

Spend the time going through some HCL's
vmware.com/go/hcl
ESX / ESXi 4.0 Whitebox HCL

Put together a box, cross check it with the HCL, tweak some, and then rinse-repeat. For Exchange/AD VM's, with some crafty search keywords, you can find others experiences with certain hardware (processor, memory limitations).

I agree - It's a terribly boring thing to do when your ready to get started on your cert/learning path, but every minute spent is worth it. I have a setup from several years ago, and only have 6 gig of RAM. While it's served me well, I'm pretty well stuck with the 6 unless I buy a whole new kit.

On another side-note, I think your very much like me. During the early stages of my Cisco studies, I spent tons of time looking at hardware/eBay prices, and hardly none reading the books in front of me. If I would have started with the book initially, instead of being googly-eyed at all the switches and routers (that I now know I hardly understood anything about), I'd be much farther along.

Like blargoe said, "the possibilities are really endless". Don't make the same mistake I did - Pick up some books and get started with the vastness of topics you'll need to know to make the hardware tick, and you'll begin to understand much better what will be required for a security lab.

Again - I recently realized that was my same hangup. I definitely want to be knowledgeable in any and every domain of IT, but people make full careers out of SQL, Exchange, networking, and are still never "experts" with it. Gotta start small and take it one at a time (which, depending, "should" take you several months).

certhelp

ehnde wrote: »

You are aware that you'll be needing to use virtualization, that's a good start

Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.

I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.

20 VMs? What OSs do these VMs run when running 20 simultaneously? How are you using 7 network cards.