I'm looking for general setup advice for the following: I'm going to be doing a class on information security. I would like to present the students with several real-world scenarios and for that, they'll need a lab environment with more than one computer. For example, one of the assignments might be, "your company network consists of computer A and computer B. you suspect computer A might be compromised. Investigate." Then I would expect the students to determine that computer A is port scanning computer B.
The way I would like to set this up is, I'd have two VMs configured so that one is doing something to the other. Then I'd snapshot both of them. Then, when a student is ready to begin the lab, clones of the VMs would be created and started. They would be running on a private network with no traffic going in or out, and a "border computer" would also be started that would have an additional interface on an external network. The student would then connect to the border system and use it to perform the investigation.
Furthermore, this is an online class so the student would need to be able to initiate this process of cloning and starting the VMs on their own. I wont be there. When the student is finished, all three VMs should be stopped and essentially thrown away. The next student would get a fresh copy from the snapshot.
I can set up one copy of this lab environment. And I think I can use VBoxManage to clone the VMs. I'm not sure what I'll do about IPs though if two students needed to work the assignment at the same time.
Have you heard of anyone doing this kind of thing before?