Tony V. Robinson
June 1, 2017
CreateSpace Independent Publishing Platform
Building Virtual Machine Labs
This book couldn’t have found me at a better time. I had just finished the infrastructure for my new lab, having finally set aside the time and money to upgrade to some real hardware to run my lab projects on. With my build complete and operating system installed, I was ready to build out the virtual network. I knew in theory I wanted to set up a virtual infrastructure with some basic security controls to control and monitor VMs I was working on. I assumed I would use PfSense again and was playing with the idea of Snort and some other SIEM implementation to properly collect logs for analysis. However, I was struggling with how to get the network set up to allow me to collect network traffic while also giving me a good degree of confidence that if I bring something nasty into my lab I can contain it. This book gave me a great starting point on a solid setup that I was able to then tweak for my needs.
Building Virtual Machine Labs is a great starting point for anyone who wants to set up a home lab but doesn’t know where to start. It is written like a “build your own adventure” book. You pick your base virtualization solution and follow the book’s guide from there. Tony explains his choice of products and configuration and helps give you the pros and cons of each option. You can then jump around the book for each of the tools you would like a detailed walkthrough on. I followed his Virtual Box tutorial and was able to get everything up and running in a day. The book probably saved me weeks of research and experimentation until I was happy with my setup.
I appreciated that Tony scoped the book to just the setup of the lab. There were several instances where he could have gone off on a tangent explaining concepts like Linux basics which would have made the book drag quite a bit. Here he just pointed you to online resources or Google to fill in the blanks. This prevented the book from wasting too much time on hand holding. Overall, it kept a good balance between detailed tutorial and exposition.
Throughout my 10 year career I have worked as a web developer, systems administrator, software engineer, security analyst and now cybersecurity engineer. I currently develop software applications to automate security vulnerability and compliance scanning and reporting for a multinational financial institution.