
Access the internet through guest + keep the host secure

Posted: 25. Feb 2013, 11:46
by GeoNolis
I have a PC connected to a secure intranet network/domain and I want to use the GUEST to connect to the internet without compromising the security of the HOST. I have the following setup:

HOST : Windows Vista on intranet network with security critical applications.
Two (2) NICS installed: The first connected on the secure intranet, the second connected to internet router - no DHCP server. The second network adapter never gets a valid IP to connect to internet from the HOST OS (on purpose).
GUEST : Windows 7. Bridged Adapter attached to the second NIC of the HOST with valid IP settings (IP/gateway/DNS) to connect to internet. I have installed Guest Additions to share a HOST folder and exchange files.

My questions:
Is the above setup safe enough for the HOST machine and the secure local intranet?
Is there any risk that internet traffic "leaks" to the HOST?
Are the HOST or the local intranet resources exposed to internet threats?
Can I tweak the setup to make it safer for the HOST and the intranet?

Thank you.

Re: Access the internet through guest + keep the host secure

Posted: 25. Feb 2013, 13:47
by noteirak
GeoNolis wrote: Is the above setup safe enough for the HOST machine and the secure local intranet?
That would depend on your requirements of "safe" really... Yes, it could be, if you double check with my second answer.
GeoNolis wrote: Is there any risk that internet traffic "leaks" to the HOST?
The only way would be with a NIC sniffer, but I am not sure to what extent. Also, the user would need to be able to install and/or use a NIC sniffer in the first place.
GeoNolis wrote: Are the HOST or the local intranet resources exposed to internet threats?
No
GeoNolis wrote: Can I tweak the setup to make it safer for the HOST and the intranet?
Yes, disable the TCP/IP stack on the host NIC pointing to the internet, instead of just disabling the DHCP. That way, there is simply no way to communicate over TCP/IP for the host on the internet network.
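
An added example, not part of either post: a small Python check for the difference between "no DHCP" and "TCP/IP disabled" on the host NIC used for bridging. Without a DHCP server Windows normally still self-assigns a 169.254.x.x address and an IPv6 link-local address, so the script parses `ipconfig /all` text and lists every address the host holds on that adapter. The adapter names "Intranet" and "Internet" and the sample output are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (not taken from the thread).
# "Internet" is the host NIC bridged to the guest: no DHCP server answers,
# yet the host has self-assigned an APIPA and an IPv6 link-local address.
SAMPLE = """\
Ethernet adapter Intranet:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.20.30.40(Preferred)
   Default Gateway . . . . . . . . . : 10.20.30.1

Ethernet adapter Internet:

   DHCP Enabled. . . . . . . . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1c2d:3e4f:5a6b:7c8d%11(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.17.5(Preferred)
   Default Gateway . . . . . . . . . :
"""

HEADER = re.compile(r"^\S.*adapter (.+):\s*$")
ADDRESS = re.compile(r"^\s+.*IP(?:v[46])? Address[. ]*: (\S+)")


def adapter_addresses(ipconfig_text):
    """Map each adapter name to the IP addresses the host holds on it."""
    adapters, current = {}, None
    for line in ipconfig_text.splitlines():
        header = HEADER.match(line)
        if header:
            current = adapters.setdefault(header.group(1), [])
            continue
        addr = ADDRESS.match(line)
        if addr and current is not None:
            # Drop the "(Preferred)" suffix and any IPv6 zone id ("%11").
            current.append(re.split(r"[(%]", addr.group(1))[0])
    return adapters


def host_ip_exposure(ipconfig_text, adapter_name):
    """Addresses the host still has on the guest-only NIC; [] is the goal."""
    return adapter_addresses(ipconfig_text).get(adapter_name, [])


if __name__ == "__main__":
    print(host_ip_exposure(SAMPLE, "Internet"))
```

An empty list for the bridged adapter means the host has no IP presence on the internet-facing segment; any entry, including a 169.254.x.x or fe80:: address, means the host's TCP/IP stack is still bound to that NIC.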