I'm an FE college lecturer. I want to set up the sun virtualbox so that it provides a virtual machine but that machine is blind deaf and dumb to the host operating system and host operating resources. This is so I can demonstrate different OS systems, get students to install OS, upgrade software, run a command line interface etc without altering the state of the host machine C drive. This is to prevent me obviously getting hung by the college IT techies when the C drive and all their secured and locked down settings would have been savaged by the IT students' experiments. I want to know how I can set up virtual box and lock it down to only recognise its own volume - whilst still being able to drop to the host to use it's programs, like Office, so the students can make comparison reports and get screen shots to illustrate what they are doing.
I'm fighting a battle here to be able to use resources to teach standalone installation and upgrade skills without destroying a locked down and secure network. Can anyone help me achieve this before I get career transitioned to a mental assylum ?
Locking down the virtual machines
-
MarkCranness
- Volunteer
- Posts: 875
- Joined: 10. Oct 2009, 06:27
- Primary OS: MS Windows 7
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows Server 2008 R2; Ubuntu 11.04; Windows 2000 Server; Windows XP
Re: Locking down the virtual machines
By default a VirtualBox Virtual Machine (VM) cannot see the host OS or host drives, unless explicitely given access via VirtualBox Shared Folders, or using a network share to the host (or other IP hosts on the network).
Also by default, a VM can take control of host USB devices (but only by direct user menu/action in the VM), but you can easily configure it so those user menus are not available.
By default the VM will have network/IP access to the host and other IP hosts on the lan (including to the internet if the host can access the internet), but you can easily configure it that so it can't.
The VM runs in a window of it's own, and you can 'drop' to the host (almost) as easily as switching between different running windows on the host.
It is fairly easy to configure (IMO), so I suggest:
- Reading the user manual available as a download, or readable online from here: http://www.virtualbox.org/wiki/Downloads
- Download it and install it and have a play/experiment.
- If you have specific questions about any feature, please ask (after having studied the manual of course, the moderator over my shoulder suggests...)
Also by default, a VM can take control of host USB devices (but only by direct user menu/action in the VM), but you can easily configure it so those user menus are not available.
By default the VM will have network/IP access to the host and other IP hosts on the lan (including to the internet if the host can access the internet), but you can easily configure it that so it can't.
The VM runs in a window of it's own, and you can 'drop' to the host (almost) as easily as switching between different running windows on the host.
It is fairly easy to configure (IMO), so I suggest:
- Reading the user manual available as a download, or readable online from here: http://www.virtualbox.org/wiki/Downloads
- Download it and install it and have a play/experiment.
- If you have specific questions about any feature, please ask (after having studied the manual of course, the moderator over my shoulder suggests...)
-
mpack
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Mostly XP
Re: Locking down the virtual machines
I would also suggest that any operating systems your students install, or any software updates they install, should always come from an ISO image of an install CD mounted in the VM (perhaps these ISO images could be on a network server visible to the host?), and never from a physical CD in the host drive. That way it should be impossible for a student to accidentally do the installation on the host instead of the guest.