Guest OS Network isolation question.

Hi,

I want to create the following situation:
Two guests are running in the same network and can communicate.
Both the guests are isolated from the Internet and from the host machine (network wise).

The reason I want this setup is for malware analysis.
I want one guest to run the malware, and the other guest simulate the Internet for it.
In the same time I don't want the malware going out to the real Internet or doing something to my host.

Is it possible? How?

I'm pretty tech-savvy so if things need to be done from the terminal it's ok by me.

 

Well.. We have 3 network modes. Shared is obviously not an option. Host only prevents Vms to go online - but they obviously communicating with Host. Bridged network can do the trick - you can assign individual IPs for VMs and in Configure --> Options choose to isolate Windows from Mac - so there would be no connection between them .


In order to prevent VMs to go online you need to drop the internet connection in Window itself - but i am not pretty sure they will be able to communicate between them ... try it

 

Thanks for the reply.

I'm not sure I fully understand your suggestion though.

About the bridged network.
Which host interface are you suggesting to bridge with?
Should I create a new interface on the host and set the bridged network with it?
A VLAN interface perhaps?

About the "isolate mac from windows" in the VM options.
I'm don't think it is network related.
I've tried to bridge the network with (en0, vnic0, vnic1) after setting the "isolate mac from windows".
In all these cases I saw VM originated network packets on the host interface that I was bridged with.

About the VMs network isolation.
I think that I really need L2 isolation setup outside the VM, otherwise the malware could change the settings
in the windows and get out.
And I would not like that to happen

help, pretty please ...

 

1.You can create separate interface if you have additional Ethernet cable for example or wifi connection. The best solution which works in most environments is to set it to Default Adapter.
2. Isolation is a pure Network thing as all connections between Vm and Mac are being set through the Network mapping
3. There is no way to set up any network isolation outside the Vm using Parallels Desktop settings i'm afraid. Only using Virtual Machine configuration menu.

 

Try to set up Host only mode and restrict all connections to the Mac from host only network.

 

That's interesting.
Can you advise me on how to restrict all connections to the Mac from the host only network?