First, lets start off by breaking this FAQ down into 2 branches, desktop and enterprise. This is because what do you in a Virtual Machine which may run for 20 minutes a week is very different then a 24/7 system.

Software Evaluation / Desktop Virtualization:

Should you run Antivirus software?
Short answer Always. Long answer is this: evaluate the risk, the potential loss, and loss of performance to decide if it is worthwhile. If you are using a virtual machine to test software or websites where the VM is only powered on for a few minutes a day then it is probably ok to avoid the uneeded overhead. If you are running the VM as the development environment, where you are connected to the physical network and visiting websites then you may want to consider running antivirus software.

Which anti virus software should I run?
There are many out there, but any of the big three: mcafee, nortons, avast would be acceptable. For windows XP or Vista systems you can’t go wrong with grisofts free offering.

What if I’m not running Windows, ie running Linux or Solaris?
Ask yourself this, what are you really trying to protect? There are very few viruses out there for linux and solaris at this point. If you have been good about only using highly trusted repositories for your software then you should be safe. Generally it seems safe to say the biggest problem a linux system will encouter is the actual user deleting the wrong file, not a virus.

Here is a list of solaris antivirus options
Here is a list of Linux antivirus software packages
Here is a directions for installing antivirus on ubuntu
Here is an article “Note to new Linux users: No antivirus needed” from linux.com

Enterprise level virus scanning

What anti virus should I run on my corporate server?
There are a few well known quality enterprise grade antivirus options. But they are almost all for windows server in a windows environment. If you are running a linux backend, then what you really need is just enough protect to prevent the spread of viruses onto the windows portion of the network, as it is unlikely that any linux product will be as effective as a secure linux system with a properly configured firewall and security levels.

Check out this breakdown for a good starting direction Antivirus Tools Underperform When Tested in LinuxWorld ‘Fight Club’

Symantec AntiVirus Corporate Edition
They do support linux clients, here is the info from their website:
Linux Client

Symantec AntiVirus supports installation on the following Linux distributions:

* Red Hat Enterprise Linux 3.x, 4.x, 5.x
* SUSE Linux Enterprise (server/desktop) 9.x, 10.x
* Novell Open Enterprise Server
* VMware EX 2.5.x, 3.x

Note: Symantec AntiVirus Linux clients are unmanaged clients. You cannot use the Symantec management components, such as Symantec System Center, to centrally manage Symantec AntiVirus Linux clients.

What premade Virtual Machines are available for Antivirus tasks?
Check out this page from Trend Micro USA - Virtualization. They offer a variety of solutions for the enterprise customer, ranging from spam protection to full virus scanning. Their virtual machines are available for VMware workstation 5.x, 6.x, VMware Server 1.x, VMware ESX 3.x.
Also search the VMware Appliance Marketplace for antivirus, there are a few helpful premade machines there.

A few general articles about Virtual Machine performance related to antivirus:
virtualization.info: How to improve disk I/O performances with VMware Workstation
virtualization.info: Security by virtualization
The Core Dump of Thought: Anti-virus, virtualization and security paradigm
rentzsch.com: Virtualization as an Antivirus
anti-virus rants: what virtualization can and cannot do in an anti-malware context

What are you willing to pay for an operating system, including all these great programs:

Calculator, Calendar, Cardfile, Clipboard viewer, Clock, Control Panel, Notepad, Paint, Reversi, Terminal, and Write.

Now if you guessed $99.00, and the year was 1986 you would be correct.

Just incase you where wondering: what cost $99 in 1986 would cost $188.40 in 2007 (source).

Now lets compare that to the market today.

According to NewEgg: Microsoft Windows Vista Home Basic is only $189.99, so in 21 years the prices of Windows has only gone up $1.59.

Keep reading to see the video of Steve Ballmer selling Windows 1.0 from youtube.
Read more »

Install Ubuntu Server 7.10
If you haven’t read part 1, read part 1 how to install Ubuntu Server 7.10 in 34 Steps, note it isn’t actually 34 steps just a bunch of screenshots it only takes 15 minutes.

Install ssh server:
sudo apt-get install ssh openssh-server

https://help.ubuntu.com/community/SSHHowto

[Optional Steps]
Remove CD from repository list:
sudo vi /etc/apt/sources.list

Once inside of VI, hit i to be in insert mode, scroll down to deb cdrom:[Ubuntu-Server 7.10 _Gutsy Gibbon_ …. and add # to the beginning of the line. hit esc, then :x to save and exit

sudo aptitude update

sudo aptitude upgrade

Add build tools to Ubuntu
sudo aptitude install linux-headers-`uname -r` build-essential

Ok, problem… ssl on Ubuntu http://ubuntuforums.org/showthread.php?t=337040
sudo mkdir -p /etc/vmware/ssl/
sudo touch /etc/vmware/ssl/rui.key
sudo touch /etc/vmware/ssl/rui.crt

And if you are on a 64 bit host:
sudo apt-get install ia32-libs

use wget to get the files from VMware:
wget [URL of the file that shall be downloaded]

Visit http://vmware.com/download/server/ to find download links.
(You must agree to the license agreement to access download urls)

extract the files:
tar -xzf ./VMware-server-1.0.4-56528.tar.gz

goto the new directory containing the VMware files:
cd vmware-server-distrib

run the installer:
sudo ./vmware-install.pl

hit enter to all choices for basic installation. When you get to the license agreement hit space to page through it, then type y and hit enter.

When it gets to the steps about your networking, you need to have an understanding of the difference between the host only networking, NAT, and standard networking. To read more about VMware networking read this: VMWare networking It explains all three, and the differences between them.

Networking issues with Ubuntu and VMware Server:
http://ubuntuforums.org/showthread.php?t=478611
http://communities.vmware.com/thread/84170

Re: VMWare VMnet compile error
1. get this - http://npw.net/~phbaer/vmnet.tar
2. copy it into your /usr/lib/vmware/modules/source
3. run vmware-config.pl again

This Worked for me. I found it at http://www.vmware.com/community/thread.jspa?threadID=84170&start=0&tstart=0

Congrats, you are done installing VMware server. You can now connect to the vmware console with the Windows based client tools or the web interface.I will have more on both of those methods in the next post. Installing VMware Server Part 3.

Sources:
http://ubuntuforums.org/showthread.php?t=337040
http://www.howtoforge.com/ubuntu_vmware_server

NOTE: This method is not for experienced System administrators, who happen to have or are willing to setup a PXE boot Server. If you can boot from a PXE server, no media required, please do so, and don’t follow this method. For more information on why this method may be completely wrong and a waste of your time read this post: How Not to Install Linux by Demetri J. Mouratis

This is a step by step, with screen shots of the Installation of Ubuntu 7.10 Server edition. Installation takes less then 15 minutes, depending on your system, speed of optical drive and amount of time the server spends waiting for you to hit next.

For more information on Ubuntu server, visit their website at http://www.ubuntu.com/products/whatisubuntu/serveredition

The hardware used is an entry level Dell PowerEdge Servers, brand new out of the box. The model is SC440, and very pleased to announce no driver issues at this point. The system shipped with an Intel Dual Core Pentium and 512 meg of ram. It is highly recommended to upgrade the ram, and this system will be maxed to out the full 4 gig when the shipment arrives from Crucial.com later this week.

Step 0. Download Ubuntu CD Image,
The CD Image, in ISO format, can be downloaded from http://www.ubuntu.com/getubuntu/download Make sure you choose the correct “type computer you have”, in our case it is 64bit installation.

Next, burn ISO to CD, this can vary greatly depending on the operating system you are on, the software you have and the type of cd or dvd you may be burning. I suggest searching Google for a detailed step by step guide just for this portion.

burn cd iso windows xp
burn cd iso windows vista
burn cd iso linux
burn cd iso osx

I used Disc Juggler, which is available as a demo. The demo has a file size cap as well as a speed cap, but it does a fine job burning the ISO image, and doesn’t generate many coasters.

Step 1. Boot the Server from the CD,
Insert the CD into the servers optical drive. Depending on your configuration you may need to hit f11 to enter the boot device option screen. Once the CD has booted this is the first screen you should see:

Go ahead and choose Install to the Hard Disk, by hitting Enter.

Read more »

Hardware requirements

Hyper-V requires an x64-based processor, hardware-assisted virtualization, and hardware data execution protection. The following hardware has been tested extensively and is suitable for use with Hyper-V. Some of the hardware requires an update to the BIOS, as noted. This list does not imply support of the platform for Hyper-V by the respective vendors.

Read more »

Want to build a safe secure redundant load balanced corporate infrastructure all inside one box?

Here are some simple DIY plans.

What is required is a dual nic server, with a installed virtual machine manager capable of supporting a virtual networks along with bridged connections to the intranet and internet.

Here is the diagram of the layout of your secure network:

The thinking behind this is to protect your servers from attacks from the internet. By passing all traffic from the first physical nic into a firewall virtual machine and then onto the virtual network prevents many common attacks, yet provides effective access to all resources from the outside and inside your corporation. The addition of a load balancer virtual machine allows the addition of multple http or mail servers to cover the demands. By adding a second virtual network for the database and http server it prevents bottlenecks on the main virtual network and secures the database server from outside attacks.

Some other ideas include having a VPN virtual machine to allow direct access from the primary physical nic to the secondary nic, bypassing the firewall and virtual network.

Here are some great pre made virtual images to use for your secure virtual network:

Firewall Images
Sieve Firewall

Load Balancer Images:
The Loadbalancer.org Virtual Appliance

Hercules Load Balancer Virtual Appliance

Web Server Only Images:
Apache Appliance

Database Only Images:
MySQL Database Server
Microsoft SQL Server 2005 Enterprise Edition Virtual Appliance
PostgreSQL Database Server

Mail Server Images:
MailEdge Enterprise Messaging Server 2.0
Microsoft Exchange Server 2007 Virtual Appliance

Network Attached Storage:
FreeNAS

VOIP Image:
Asterisk-Skypho 0.9.1
PBXware - IP-PBX Phone System
VoIPonCD - an easy to configure Voice over IP PBX

Additional Points of Interest:

Network firewalls

Virtual machines are not protected by any firewall software on the host operating system. The reason for this is that the virtual machines are essentially connected to the network at layer 2 while most conventional firewalls operate at layer 3 or higher (http://en.wikipedia.org/wiki/OSI_model). As such virtual machines should always have appropriate fire walling software enabled. If your guest operating system does not have firewall software readily handy (or you do not want to install a software firewall in the guest operating system) using Shared Networking under Virtual PC (as opposed to connecting the virtual machine directly to the network) will gain you a modicum of network security as - like with most NAT routing solutions - external network entities will be unable to communicate directly with your virtual machine. source

Additional Articles

Virtual PC Guy’s WebLog : Network Load Balancing (NLB) and virtual machines

Network Load Balancing scenarios that are supported for use with Virtual Server 2005 R2

How to build an ISA firewall lab with Virtual PC 2004

Setting Up A Virtual Pc “complex” Network

Microsoft.com: Securing Virtual Server

I’m postponing the 3rd and 4th part in the long awaited VMware player posts. I have decided to upgrade my hardware to create more usable experience. My current laptop only has 512 meg of ram, which is shared for the video and main system operations. I’m ordering the following upgrade, and expect to have it by the end of the week.

It will be nice having 2 gig of ram, more power, more speed. Recently as I have been getting into more Photoshop this laptop has really been lagging. Now, try loading up virtual environments which want 512 or more, not going to work.

My tax return is going towards the mother of visual drool equipment.

UltraSharp 2407WFP Wide-Screen Black Flat Panel Monitor, LCD with Height Adjustable Stand

I expect it in a few weeks. It isn’t the 30″, but most laptops and most desktops don’t have the dual DVI power for 30″ of visual display. The reason why I like the 24, compared to the 20, 22, or 27 is the native resolution matches my laptop, and most systems I have looked at recently, including the Mac Mini.

Mac mini 1.83GHz Intel Core Duo

The Mac Mini is going to be a great addition to my hardware arsenal. I’m just waiting for them to release the Mac Mini Intel Core 2 Duo. It won’t be long, I expect it in June at WWDC. Mac OSX, Vista, XP, Linux, VMware, Virtual PC, all inside a small little box. Easy to transport, fun to look at, and wireless. I most likely will run it headless, using VNC or Remote Desktop. Then I can just have it sitting on a shelf, no keyboard, no mouse, no monitor. Just sitting there purring away.