Options
Ideal lab with an eye on security
reppgoa
Member Posts: 151
Hey all,
I wanted some opinions on what the ideal lab would be for someone with an eye on security. I know I have many milestones I must hit before I get that coveted entry level security position, but I want the best possible lab to learn the things I will need to know on my journey. I want something that I can do sys admin type things on, AD, exchange, deployments as well as database environments like SQL. I also want something that I can setup to attack varying VM's. I would like something powerful enough to sustain me for a couple years. I would like to include switches, routers, and other hands on equipment. I have a decent budget, but of course would like to get the best cost/quality ratio. I am just so overwhelmed at this point with all of the options that I feel like I am drowning. As always, any and all advice is welcome, thanks!
I wanted some opinions on what the ideal lab would be for someone with an eye on security. I know I have many milestones I must hit before I get that coveted entry level security position, but I want the best possible lab to learn the things I will need to know on my journey. I want something that I can do sys admin type things on, AD, exchange, deployments as well as database environments like SQL. I also want something that I can setup to attack varying VM's. I would like something powerful enough to sustain me for a couple years. I would like to include switches, routers, and other hands on equipment. I have a decent budget, but of course would like to get the best cost/quality ratio. I am just so overwhelmed at this point with all of the options that I feel like I am drowning. As always, any and all advice is welcome, thanks!
Comments
-
Options
ehnde
Member Posts: 1,103
You are aware that you'll be needing to use virtualization, that's a good start
Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.
I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.
What you are seeking is pretty broad, and to accomplish all that you want can easily take several years. You mentioned AD, SQL, networking, security.....I'd say pick what you're most interested in and start there.
Active Directory - MCTS 70-640
SQL - Microsoft SQL Server Certification l Database Administrator and Developer or perhaps oracle?
Networking - Check out the CCENT
Security - CompTIA Security+Climb a mountain, tell no one. -
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM. You can take this setup and easily run a domain controller and 2-3 exchange servers, for example. When you are comfortable with both navigating/administering the VM host and the environment within, you could add perhaps an external switch with VLAN capability and a firewall and integrate that into your environment... set up a real external facing email server or web server with SQL backend and attack it to your hearts content... the possibilities are really endless
IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Options
mattlee09
Member Posts: 205
QFT.Not knowing how far along you are in your career path and studies, I would suggest starting small and growing your environment gradually. You need a PC with multiple cores, a bunch of memory (I'd say 8GB with room to grow), and a big hard drive at least 7200 RPM.
Spend the time going through some HCL's
vmware.com/go/hcl
ESX / ESXi 4.0 Whitebox HCL
Put together a box, cross check it with the HCL, tweak some, and then rinse-repeat. For Exchange/AD VM's, with some crafty search keywords, you can find others experiences with certain hardware (processor, memory limitations).
I agree - It's a terribly boring thing to do when your ready to get started on your cert/learning path, but every minute spent is worth it. I have a setup from several years ago, and only have 6 gig of RAM. While it's served me well, I'm pretty well stuck with the 6 unless I buy a whole new kit.
On another side-note, I think your very much like me. During the early stages of my Cisco studies, I spent tons of time looking at hardware/eBay prices, and hardly none reading the books in front of me. If I would have started with the book initially, instead of being googly-eyed at all the switches and routers (that I now know I hardly understood anything about), I'd be much farther along.
Like blargoe said, "the possibilities are really endless". Don't make the same mistake I did - Pick up some books and get started with the vastness of topics you'll need to know to make the hardware tick, and you'll begin to understand much better what will be required for a security lab.
Again - I recently realized that was my same hangup. I definitely want to be knowledgeable in any and every domain of IT, but people make full careers out of SQL, Exchange, networking, and are still never "experts" with it. Gotta start small and take it one at a time (which, depending, "should" take you several months). -
Options
certhelp
Member Posts: 191
You are aware that you'll be needing to use virtualization, that's a good start
Many people here will recommend ESXi Free VMware vSphere Hypervisor: Bare Metal Hypervisor (Based on VMware ESXi) It's free and works very, very well. The licensing works in a way that you can only have it running on a single machine. I suppose you could do two registrations and have two servers running ESXi, but you couldn't manage both simultaneously.
I have a server with an Athlon x2 3.0ghz CPU, 6gb of RAM, 7 network cards, and a single hard drive (the bottleneck). It can easily run anywhere from 6 - 20 virtual machines...but it depends on what VMs you are running.
20 VMs? What OSs do these VMs run when running 20 simultaneously? How are you using 7 network cards.