InfoSec Workstation Build

Hey everyone,

I’m currently in the market to build a new workstation. I dunno what route to go down and am looking for some input.
It is an Information Security workstation, as I am currently working through some certifications for work.

I have been looking at the new AMD stuff and it looks tempting, but I’m worried about compatibility and stability. I have thought about going down the eBay Xeon route. Also not looking to do any overclocking, looking for a stable and quiet build. I am mainly trying to work out if a Ryzen 1700 would be enough with 32 to 64GB RAM or do I splash out on Threadripper. Budget is open but I’m not going to spend loads on kit if I don’t need it. (Significant Other Acceptance Factor)
Not really going to be hardcore gaming on it, so I was thinking like an RX460 or something to drive the monitors and maybe do some password cracking with OpenCL, or a GTX1050 and CUDA.
I am also looking to move over my ATX case, 750 Watt PSU, 256GB SSD and monitors, which are a 27inch BenQ and an old 19inch LCD which I have in portrait.
I have planned to pick up some more SSDs for VM storage and backup to NAS if needed.
Hypervisor-wise I am open to suggestions, but I have the opportunity to get VMware Workstation Pro through work (which does help, as places like SANS deliver VMs as VMware builds).

Host will probably be Linux (Fedora 26) unless there is a good reason to use something else.

In the VM I am looking to build a “Mini enterprise network” to attack and learn both offensive and defensive stuff.

So something like this to start:

Basic VM isolation with pfSense, using three interfaces:

“Internet” (NAT with port forward set up for DMZ VMs)
DMZ (10.10.10.254/24 / vmnet1 / Host-Only network)
Internal (10.10.20.254/24 / vmnet2 / Host-Only network)

So no more than 5-10 VMs, not all running at the same time and mostly idling, presenting a target.

Then I might also have a couple of VMs spun up as I feel like it to try something new, i.e. programming, trying new distros or playing about with compiling Linux kernels.

I think that’s it, sorry for rambling on a bit.

Eul0gy

Considering price point and what you want to do with it then makes more sense being that it has more cores for the same money. Unless you’re looking at some used Xeons like a dual processor setup you can’t beat Ryzen in the new market, $/core.

Hey,

Thanks for getting back to me.

I have found this
http://www.ebay.co.uk/itm/HP-Z620-Workstation-Desktop-Dual-Xeon-E5-2640-64GB-DDR3-RAM-240GB-SSD-HDD-Pro-PC-/182780299679 which is £886

Or so far on a Ryzen 1700 build I’m looking at over £1000, but struggling with RAM and motherboard choice. I am looking at the Gigabyte stuff as per Wendell’s recommendation, but the RAM speed and compatibility, I don’t really know what the most up-to-date information on that is. Spent 4hrs last night going through loads of different sources.

Are you looking to have this as a primary workstation or a lab server? I thought it was a lab server but you said not hardcore gaming so I wasn’t sure.

I’ve used Dell Tower servers (T410 and T430) for InfoSec labs, as well as my own primary desktop. The servers were Hyper-V or ESXi that had a setup similar to the HP Z620: Two Xeon processors, 64GB of RAM, 6TB of storage. It was perfect for that. I set up pfSense to forward RDP and ssh sessions into the VMs that I wanted to play with. I had Domain Controllers, File servers, Snort monitoring, other reporting services, and some “role based” workstations. HR, Accounting, and ProjectMgmt were Windows 7 and 10, Research and Development were Debian.

Fedora is a good host if you’re using KVM or VirtualBox. I prefer VMware Workstation when I’m on my primary desktop, but Fedora struggles with that in some respects. It might not be worth the hassle of getting it up and running.

You don’t need the greatest workstation or some big, beastly box. You can get by on 16GB of RAM. Hell, I had one guy I worked with that had a GNS3 lab with several VMs on his laptop with only 8GB of RAM.

Primary workstation. I have just thrown Fedora 26 and VMware Player 14.0 onto a laptop and it seems to get up and running OK, took me 10mins of additional terminal fun!

I have now put together a Ryzen 1700 system with 32GB RAM, should keep me going for a good couple of years. I’m guessing as I’m not gaming I would need to worry about all the IOMMU issues that are going on with the AMD platform just now?

Most infosec-type work doesn’t require a fast machine. A lot of it is just learning and reading and keeping up with what’s going on, and lots of tools are just scripts.

But you will need RAM for VMs.

Once in a blue moon you may need to run a build, or run a fuzzer. Lots of RAM helps for builds (cache); fuzzers like afl are coverage guided - don’t need a lot of CPU for those typically.

In terms of performance for building and fuzzing and that kind of stuff, you care about the frequency and amount of cache more than you care about cache latency and locking interthread performance; it’s basically a server-suitable type of workload.
