I love virtualization! It really makes learning enjoyable!
Some consider virtualization not to be “cool” because I’m not physically handling the hardware, but the pros outweigh the cons in my opinion. The greatest pro is that I am able to gain experience without having to worry about breaking anything; if something does break, all I need to do is revert and voila, I’m up and running again. An additional pro is the immense cost savings, not only in the upfront purchase of hardware but also in running power and cooling costs. Finally, I am able to train myself remotely! Regardless of whether I am travelling to another city, working from home, or in a classroom environment, I am able to get the same effective training as long as I have a connection to the virtualization cloud.
Virtualization Environment Use Case
In this case, I’m able to learn about network security using Cisco ASAs, routers, switches as well as user endpoint devices like Linux or Windows hosts. I’m able to create a large or small network – whatever I feel like! In the environment above I learned how to use a Cisco Adaptive Security Appliance (ASA) as a firewall to set up 3 security zones.
- Untrusted (Outside) zone – security/trust level 0
- DMZ (Semi-trusted) zone – security/trust level 70
- Trusted (Internal) zone – security/trust level 100
Segmenting the network by trust level has the major advantage of controlling the network traffic that is permitted between hosts. Inbound connections from a lower to a higher trust zone are not permitted, which can be one method of preventing an attacker from infiltrating an internal network.
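As an added example (not taken from the original post or lab), the three zones could be defined on an ASA as shown below, with the resulting default flows listed in the comments. The interface names, addresses, the DMZ web host and the ACL name are assumptions made for illustration.

```cisco
! Constructed example: interfaces, addresses and the DMZ host are assumptions.
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 203.0.113.1 255.255.255.0
 no shutdown
!
interface GigabitEthernet0/1
 nameif dmz
 security-level 70
 ip address 192.168.70.1 255.255.255.0
 no shutdown
!
interface GigabitEthernet0/2
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
 no shutdown
!
! With no ACLs applied, the security levels alone decide new connections:
!   inside (100) -> dmz (70)       permitted (higher to lower)
!   inside (100) -> outside (0)    permitted
!   dmz (70)     -> outside (0)    permitted
!   dmz (70)     -> inside (100)   denied (lower to higher)
!   outside (0)  -> dmz (70)       denied
!   outside (0)  -> inside (100)   denied
! Replies on an existing TCP or UDP connection are allowed back statefully.
!
! A lower-to-higher flow has to be opened explicitly. This rule exposes only
! HTTPS on one assumed DMZ host; everything else arriving on outside stays
! blocked by the implicit deny at the end of the ACL.
! (Address translation for the DMZ host is omitted from this sketch.)
access-list OUTSIDE_IN extended permit tcp any host 192.168.70.10 eq 443
access-group OUTSIDE_IN in interface outside
```

Note that no rule opens outside-to-inside or dmz-to-inside traffic, so a compromised DMZ host still cannot initiate connections into the trusted zone.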
In the upcoming weeks, I will be learning how to use Cisco hardware to create VPN tunnels as well as intrusion detection/prevention systems.