VMware Communities
WatchDawg
Contributor
Contributor
‎04-05-2012 10:33 AM

VMWARE as a Secure Data Transfer Scrubber

Good afternoon,

Let me start by saying my field of expertise is in Physical Security in a large inter-governmental agency, that is I interpret, design and recommend how to keep human and physical assets safe from threat of criminal or terrorist activity.

Recently, my office was integrated with the IT/ENs security section and due to some turnover, I have tasked myself to learn about the feasibility of using VMware Workstation as a secure data transfer station. Currently, we receive media (i.e. DVD's, USB sticks, digitals files) from other agencies. For the most part we do not know if the media we are receiving is secure from virus / malware etc.

Currently, we are utilizing a stand-alone laptop with current anti-virus software to check the media prior to it being allowed to be plugged into the network. For added security, this process is completed by my Physical Security Manager (he is the only one with access to this laptop). The problem I am encountering is my office operates 24/7 thus, not allowing important information not to be processed until the following working day.

Although I have worked with vmware, I would not be able to   write a series on Policy & Procedure or Operating Procedures for the other 'aging' security personnel in the office.

What I am looking for is a 'Crayon & Colouring Book' simple set of Policy & Procedures and Standard Operating Procedures, that I can forward up my hierarchal chain for their understanding and authorization to utilize VMware.

I defer to all of your expertise.

Cheers

Dean

0 Kudos
1 Reply
continuum
Immortal
Immortal
‎04-05-2012 03:06 PM

Do you want to use a VM for checking media ?

I would then use a LiveCD that runs VMware Workstation as the host OS. A LiveCD is clean after a reboot.

Then I would create a VM to scan the media.
An experienced user would update Virus signatures early in the morning inside this VM.
After that he would shut down the VM and set its disks to nonpersistant mode.

Other users could then use the VM all day long to examine thirdparty media.
After each scan they would reset the VM.

This way the VM would always be clean before each new scan.


There are more usual ways to harden a Workstation setup but to sum it up I would need hours ...


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

0 Kudos