This is the second part of the two-part series on security by isolation. In the first part I described what security by isolation is and the reasons I decided to implement it. As mentioned in the previous post, the implementation is based on three virtual machines with different levels of security appropriate to each VM’s role. The most secure “Green” VM has already been covered in the previous post. In this post I am going to describe the remaining two VMs, which I named the “Yellow” and the “Red” virtual machines.
The “Yellow” virtual machine
For online shopping I use an isolated virtual machine which complies with looser security requirements than the “Green” machine. The “Green” VM was a good baseline for creating the “Yellow” VM. I cloned it using the export and import features of VirtualBox. Once I had a clone I booted it up and customized the Firestarter firewall. Since the firewall was initially set up for banking websites (specific to the “Green” VM), I removed those entries from the whitelist and proceeded by adding the shopping websites I use most often. The list has been growing over time as I have been using different websites for shopping. Once everything was configured and tested I took a live snapshot of it and powered it down.
There is no need to constantly run the “Yellow” VM and consume host resources. When I decide to shop online I restore the live snapshot, which automatically brings up the VM desktop along with the web browser already loaded. Once the shopping is finished I power the machine down without saving the current state. Discarding the current state keeps the VM in pristine condition and malware free.
The “Red” virtual machine
For everyday use I needed a VM that could satisfy two main use cases: testing software and browsing the web. Since I like to test drive new applications, I needed a VM that is able to run the most commonly used software. Testing software under development was also a relevant requirement. These two factors determined Windows 7 to be the most suitable operating system.
Installing and running new applications sometimes leads to system instability. Another problem with installing a lot of applications under Windows is that the system slows down over time. Even after an application is removed, Windows keeps some of the application’s artifacts, which negatively affect system performance. A virtual machine eliminates these issues because of its ability to discard the state of the system. Before installing a new application I take a snapshot of the system. Later on, if I decide to remove the application, all I need to do is roll the state back to the previous snapshot. The system becomes clean and functional once again, as if the application had never been installed.
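The “Yellow” shopping session (restore the live snapshot, browse, power off without saving) and the “Red” checkpoint-before-install workflow above can both be scripted with VirtualBox’s VBoxManage CLI. The following helpers are an added example, not code from the original post; the VM names “Yellow” and “Red” and the snapshot name “clean-shop” are assumed, and setting VBOXMANAGE=echo prints the commands instead of running them.

```shell
#!/bin/sh
# Session helpers for the "Yellow" and "Red" VMs, driven through VirtualBox's
# VBoxManage CLI. Assumed names (not from the post): the VMs are registered as
# "Yellow" and "Red", and the pristine Yellow state is the snapshot "clean-shop".
# Set VBOXMANAGE=echo to print the commands instead of running them.
set -eu

VBOXMANAGE="${VBOXMANAGE:-VBoxManage}"
YELLOW_VM="${YELLOW_VM:-Yellow}"
YELLOW_SNAP="${YELLOW_SNAP:-clean-shop}"
RED_VM="${RED_VM:-Red}"

# True when the VM is currently running (snapshot restore refuses a running VM).
vm_running() {
    "$VBOXMANAGE" showvminfo "$1" --machinereadable | grep -q '^VMState="running"'
}

# Start a shopping session: resume the saved desktop and browser from the
# live snapshot the machine was rolled back to at the end of the last session.
yellow_start() {
    "$VBOXMANAGE" startvm "$YELLOW_VM" --type gui
}

# End the session: hard power-off (nothing is saved), then roll the machine
# back to the pristine snapshot so anything picked up while browsing is gone.
yellow_stop() {
    if vm_running "$YELLOW_VM"; then
        "$VBOXMANAGE" controlvm "$YELLOW_VM" poweroff
    fi
    "$VBOXMANAGE" snapshot "$YELLOW_VM" restore "$YELLOW_SNAP"
}

# Before trying a new application in the Red VM: checkpoint the current state.
# A snapshot of a running VM keeps its memory too, so no reboot is needed.
red_checkpoint() {
    "$VBOXMANAGE" snapshot "$RED_VM" take "before-$1" --description "before installing $1"
}

# Undo the install: power off if needed and return to that checkpoint.
red_rollback() {
    if vm_running "$RED_VM"; then
        "$VBOXMANAGE" controlvm "$RED_VM" poweroff
    fi
    "$VBOXMANAGE" snapshot "$RED_VM" restore "before-$1"
}
```

Run `red_checkpoint some-app` before installing and `red_rollback some-app` to get the pre-install system back; because `snapshot restore` replaces the current state, yellow_stop does what the post describes by hand.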
Virtual machines are arguably one of the most valuable tools at a software engineer’s disposal. During software development I constantly test new “half baked” application functionality, which in some cases can be scary. Having a VM relieves all my fears of system corruption. Anytime something goes wrong I roll the VM state back to the previous snapshot.
Browsing the web is the most dangerous activity from the security perspective. There is no better protection than running the browser in a VM. Having a firewall and anti-virus installed is a good defense against malware. However, it does not protect the system from new and unknown malware. With the browser running in a VM, any infected system can be recovered within seconds by rolling the state back to the known clean snapshot.
My impression
The entire security by isolation implementation may sound too complex and time consuming to set up. Some would argue that it provides a poor user experience. Once all three machines are set up, the complexity can be tackled by running only one virtual machine at a time. Since I do online banking at most once a day, there is no need to run the “Green” VM all day long. The same is the case for the “Yellow” VM; it needs to be started up even less often. Being able to boot them up from the live snapshot allows the system to become fully functional within seconds. The “Red” VM is the only machine that is constantly active. Running a VM increases the amount of physical resources required. I am pretty certain that there is a power consumption penalty for running a VM in comparison to running only a physical machine. I have not performed any measurements in order to determine what it actually is. That may be a potential topic for one of the future posts.
Setting up all three virtual machines took about two days. Tweaking the VM characteristics, such as the amount of RAM, video memory and HDD size, took most of the time. I tried to find the balance between a smooth user experience and the minimum physical resources dedicated to each VM. The setup may take longer for people who are not familiar with virtualization products or have never used VirtualBox. I found VirtualBox pretty easy to use and did not run into any major issues during the setup process.
User experience depends on the expertise of the person setting up the VMs. I have been very satisfied with the performance of all three VMs. When running a VM in full screen mode it is indistinguishable from a physical machine. It is snappy and fast. The graphics are excellent. Watching videos is smooth. I have not tried playing games, but I read online that some more 3D intensive games do not perform well.
VirtualBox provides a few critical features that, when properly configured, bring virtualization to another level. The ability to copy/paste text between guests and host is one of those features. Another important one is the shared host folder: a folder on the physical machine can be exposed to the virtual machine for file exchange between host and guests.
There are some downsides to this setup as well. I have already mentioned that VirtualBox supports multiple snapshots. Restoring to any previous snapshot discards the current one. Therefore it is not possible to build a branch of snapshots. This feature is available in the VMWare Workstation product (not free). Another feature on my wish list is a shortcut key that would allow switching between the host and guests without exiting full screen mode. I am not aware whether any other virtualization product supports it.
Despite not being perfect, security by isolation using three virtual machines has improved my online security and raised my productivity.
In next week’s post, “Remote debugging with Visual Studio”, we will look at how to use Visual Studio to debug native and managed code on a remote machine, which is common in client-server environments.