Dave here
I'm building a concept for a customer and they want to build a dev environment for their small business network. This is for pen testing, and as close as they can virtualized version of their physical infrastructure.
They have two pretty decent servers each with 6 NIC's, a Synology with plenty of disk for this project and a 24 port Cisco switch. The pen testers will plug their physical hosts into the switch and the security team want to attach a SIEM with a SPAN on one of the ports of the virtualized routers. I think I can do this with TaaS but more reading required, if not I'll have to virtualize a server for them to receive traffic on and forward it somehow.
I'm sure it will but would an Openstack run Controller+Compute on server A and Compute on server B with a Cinder store on the Synology? Any reference architecture you could point me at?
There would be the pen testers hitting a virtualized firewall in a DMZ with 2 VMs, then out from there to their server or client networks that would have say 5 Windows VMs in each using? I'm thinking there would be max 20 VMs worst case if I multi-NIC a couple of virtual routers like pfsense or similar to replicate their network fully.
I guess like a cyber range but without user/network simulation.
I'm saying do it on AWS but they insist on having it on the hardware they have left over from other projects (no ESX licensing).
Am I heading in the right direction with this? Both servers are the same spec 24 core 128g ram with 100gb spinning disk and then 4TB in Synology.
Sorry english not first language ,
Cheers Dave