Virtual Security Lab using ESXi

I've been working on solving a very specific problem. I'd like to have access to a general security lab on campus so that a few friends and I can practice for a cybersecurity competition. The university has a great security lab; the only problem is that everyone loves using it and it has relatively strong physical security. Either way, a few students cannot walk in at 3:00 AM and start running attack scenarios. Go figure.

After a few chats it started to emerge that virtualizing the lab would be the best idea. There are a few issues with using virtualization to practice, but they are generally solvable. The only seemingly unsolvable issue is practicing scenarios using guests acting as virtual machine managers. There are also concerns with the network, but Cisco provides a nice virtual machine switch called the Nexus 1000v. Using the Nexus we'll have access to a fully virtualized IOS responsible for switching our other virtual machines. Slap an ASA and PIX on top (connected physically to the host) and you've got yourself a security lab.

Now how to facilitate the virtual lab? Well, ESXi is a great solution. The ESXi operating system is a relatively light install that is managed remotely via a vSphere client. Each student wanting to use the virtual lab requests a user account for the ESXi server, logs in with their credentials, and starts wreaking havoc by creating, destroying, attacking, and defending their virtual machines.

The fun part is ESXi is not designed to run on most hardware, especially personal computer hardware. Thankfully there is a great set of tutorials and a forum called vm-help. I found the website midway through the ESXi install on my desktop, when I was prompted with an empty list of drives to install the OS onto. My nVidia MCP78 SATA controller (hardware ID 10DE:0AD4) was not supported. The website has a great list that maps vendor hardware IDs to forum posts and corresponding drivers. In most cases, either the DAS controller or NIC will be unsupported. To solve this, "whitebox" users need to create an OEM package and build it into the ESXi bootloader options. Within the OEM package users mimic the filesystem layout and may override/overwrite files. To get my SATA controller to work I had to overwrite two files: a hardware-ID-to-description mapping file and a hardware-ID-to-driver mapping file. (Keep in mind this process is outlined on the vm-help site.) Thankfully someone had ported the Linux AHCI driver to ESXi and the nVidia MCP78 chipset was supported by AHCI.

At the end of the night I had extracted the OS from the install media onto a USB drive, which is actually a great option for those wanting to try out ESXi. You'll still need support for some type of DAS or NAS to create a virtual disk datastore when you're up and running. Now I'm trying to find or purchase an adequate machine to run at least ten virtual machines simultaneously. I'm hoping the install/setup will be similar (and I'll find a supporting driver). Worst-case scenario, I'll put together some type of supported NAS.