lifeflaw, posted January 3, 2010

This is my first post here. Nice to meet you all.

I have lately been working on configuring a virtual machine with a hardened OS to function as a firewall (and possibly a content-filtering proxy and/or IDS). The aim is to create a security virtual appliance that can be used by, and can protect, the average user: a free or inexpensive product that offers security comparable to hardware appliances.

From the technical point of view, the virtual machine will have two virtual NICs. The first one will be configured as "host only" and can be accessed only by the host computer. The other virtual NIC will be bridged and can access the public network. The host computer will have the "host only" NIC of the virtual machine as its default gateway. Any traffic going from or to the host computer should pass through this security virtual machine. From the network packets' point of view, it is like this:

[host computer] --- [security virtual machine] --- Public Network

The idea is to provide a protection level higher than that offered by the Windows firewall, or any installed firewall. I want a protection level similar to that offered by SOHO hardware firewall appliances such as the Cisco ASA 5500. Yet I am still not sure about the security level, because the virtual machine would be running on a potentially insecure host OS. Moreover, I am still investigating the security advantage of such a virtual appliance over an installed firewall.

So my question is: do you think this is a sound approach to protect a desktop OS (such as MS Windows)? Your comments and suggestions are highly appreciated. :)

Note: after searching on the net, I found out that there was a paper about this approach published at USENIX; more information can be found at the link below:

http://www.cs.drexel.edu/~vp/VirtualFirewall/index.html

However, it doesn't fully tackle the questions that I have in mind.

Peace.
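As an added illustration of the two-NIC layout the post describes (this is example code written for this page, not anything from the poster or from the linked USENIX paper), the script below generates an nftables ruleset for the security VM: the "host only" NIC is the only side allowed to originate connections, the forward chain defaults to drop, and traffic leaving on the bridged NIC is masqueraded. The interface names (eth0 for the host-only side, eth1 for the bridged side), the host-only subnet 192.168.56.0/24, and the choice of nftables on a Linux guest are all assumptions; adjust them to the VM in use. Run without arguments it only prints the ruleset; `--apply` enables forwarding and loads it with `nft -f`.

```shell
#!/bin/sh
# Example (not from the original post): nftables ruleset for a two-NIC
# security VM sitting between the host computer and the public network.
# ASSUMED names: HOST_IF = "host only" NIC, WAN_IF = bridged NIC,
# HOST_NET = the host-only subnet. Override via the environment.

HOST_IF="${HOST_IF:-eth0}"
WAN_IF="${WAN_IF:-eth1}"
HOST_NET="${HOST_NET:-192.168.56.0/24}"

# Emit the ruleset as text so it can be reviewed before being loaded.
build_ruleset() {
  cat <<EOF
flush ruleset
table inet fw {
  chain input {
    type filter hook input priority 0; policy drop;
    iif lo accept
    ct state established,related accept
    ct state invalid drop
    # the appliance itself is reachable only from the host-only side
    iifname "$HOST_IF" ip saddr $HOST_NET tcp dport 22 accept
    iifname "$HOST_IF" ip saddr $HOST_NET udp dport 53 accept
    icmp type echo-request limit rate 5/second accept
  }
  chain forward {
    type filter hook forward priority 0; policy drop;
    ct state established,related accept
    ct state invalid drop
    # only the host computer may originate flows, and only toward the public side;
    # nothing from the bridged NIC is ever forwarded inward unsolicited
    iifname "$HOST_IF" oifname "$WAN_IF" ip saddr $HOST_NET accept
  }
  chain output {
    type filter hook output priority 0; policy accept;
  }
}
table ip nat {
  chain postrouting {
    type nat hook postrouting priority 100;
    # hide the host-only subnet behind the VM's bridged address
    oifname "$WAN_IF" ip saddr $HOST_NET masquerade
  }
}
EOF
}

# Turn the VM into a router and load the ruleset (requires root on the VM).
apply_ruleset() {
  sysctl -w net.ipv4.ip_forward=1
  build_ruleset | nft -f -
}

case "${1:-}" in
  --apply) apply_ruleset ;;
  *) build_ruleset ;;
esac
```

One check worth making on the host side once this is in place: the host's physical NIC is still bridged onto the public network, so the VM only sees the host's traffic if the host's default route really points at the VM's host-only address and no direct route to the public network remains. Verifying that with a traceroute from the host (the first hop should be the VM) tells you whether the "everything passes through the appliance" property actually holds.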