1 |
On Tue, Aug 7, 2012 at 10:17 AM, James <wireless@×××××××××××.com> wrote: |
2 |
<SNIP> |
3 |
> Hello Mark, |
4 |
> |
5 |
> I think I'll put the R stuff as research interest on a separate |
6 |
> machine to evaluate... I'm Looking for some guidance on this |
7 |
> (VM) subject, related to online stock trading. Should I set up a |
8 |
> machine on a hardened system? SeLinux? Other ideas like a |
9 |
> transparent bride with some specific application filtering? |
10 |
> |
11 |
|
12 |
Sounds like you're beyond my abilities. I use standard stable Gentoo |
13 |
myself. (I.e. - NOT ~amd64) Each Windows VM has it's own Windows |
14 |
license as well as it's own virus protection license. I run different |
15 |
trading apps in different VMs. All trading VMs are Virtualbox. |
16 |
|
17 |
In my case the compute server is a 12 core Intel machine. I dedicate |
18 |
10 cores to the VMs (6 cores to one VM, 2 cores each to the other 2 |
19 |
VMs) for 3 VMs using 10 cores. That leaves 2 cores to Gentoo to manage |
20 |
the hardware. |
21 |
|
22 |
I do similar things on an 8 core machine, etc. I always reserve 2 CPUs |
23 |
for Gentoo. |
24 |
|
25 |
NOTE: Windows and it's apps are memory hogs so you'll need a LOT more |
26 |
memory than you think to make this work well day in and day out. |
27 |
|
28 |
> Should I setup a specific application firewall between the VM system |
29 |
> and the outside net? A generic security (architectural) approach is of |
30 |
> keen interest to me (reading references?). Windows security for me is |
31 |
> often troublesome; so specific (private?) suggestions are also of keen |
32 |
> interest to me. |
33 |
> |
34 |
|
35 |
Again, probably beyond my abilities to give guidance. I use standard |
36 |
Windows virus & firewall protection inside each VM and hope for the |
37 |
best figuring it's no worse than using Windows on real hardware. |
38 |
|
39 |
As with everything Windows, it's all a crap shoot as far as I can tell. |
40 |
|
41 |
HTH, |
42 |
Mark |