Ideal lab with an eye on security

reppgoareppgoa Member Posts: 151
Hey all,

I wanted some opinions on what the ideal lab would be for someone with an eye on security. I know I have many milestones I must hit before I get that coveted entry level security position, but I want the best possible lab to learn the things I will need to know on my journey. I want something that I can do sys admin type things on, AD, exchange, deployments as well as database environments like SQL. I also want something that I can setup to attack varying VM's. I would like something powerful enough to sustain me for a couple years. I would like to include switches, routers, and other hands on equipment. I have a decent budget, but of course would like to get the best cost/quality ratio. I am just so overwhelmed at this point with all of the options that I feel like I am drowning. As always, any and all advice is welcome, thanks!

Comments

  • ehndeehnde Member Posts: 1,103
    You are aware that you'll be needing to use virtualization, that's a good start :D

    Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.

    I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.

    What you are seeking is pretty broad, and to accomplish all that you want can easily take several years. You mentioned AD, SQL, networking, security.....I'd say pick what you're most interested in and start there.

    Active Directory - MCTS 70-640
    SQL - Microsoft SQL Server Certification l Database Administrator and Developer or perhaps oracle?
    Networking - Check out the CCENT
    Security - CompTIA Security+
    Climb a mountain, tell no one.
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM. You can take this setup and easily run a domain controller and 2-3 exchange servers, for example. When you are comfortable with both navigating/administering the VM host and the environment within, you could add perhaps an external switch with VLAN capability and a firewall and integrate that into your environment... set up a real external facing email server or web server with SQL backend and attack it to your hearts content... the possibilities are really endless :)
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • mattlee09mattlee09 Member Posts: 205
    blargoe wrote: »
    Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM.
    QFT.

    Spend the time going through some HCL's
    vmware.com/go/hcl
    ESX / ESXi 4.0 Whitebox HCL

    Put together a box, cross check it with the HCL, tweak some, and then rinse-repeat. For Exchange/AD VM's, with some crafty search keywords, you can find others experiences with certain hardware (processor, memory limitations).

    I agree - It's a terribly boring thing to do when your ready to get started on your cert/learning path, but every minute spent is worth it. I have a setup from several years ago, and only have 6 gig of RAM. While it's served me well, I'm pretty well stuck with the 6 unless I buy a whole new kit.

    On another side-note, I think your very much like me. During the early stages of my Cisco studies, I spent tons of time looking at hardware/eBay prices, and hardly none reading the books in front of me. If I would have started with the book initially, instead of being googly-eyed at all the switches and routers (that I now know I hardly understood anything about), I'd be much farther along.

    Like blargoe said, "the possibilities are really endless". Don't make the same mistake I did - Pick up some books and get started with the vastness of topics you'll need to know to make the hardware tick, and you'll begin to understand much better what will be required for a security lab.

    Again - I recently realized that was my same hangup. I definitely want to be knowledgeable in any and every domain of IT, but people make full careers out of SQL, Exchange, networking, and are still never "experts" with it. Gotta start small and take it one at a time (which, depending, "should" take you several months).
  • certhelpcerthelp Member Posts: 191
    ehnde wrote: »
    You are aware that you'll be needing to use virtualization, that's a good start :D

    Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.

    I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.

    20 VMs? What OSs do these VMs run when running 20 simultaneously? How are you using 7 network cards.
Sign In or Register to comment.