What Is A Sandbox?
A sandbox, in the physical world, is an environment that you have control over. For example, the sandbox may have a raised border to keep the sand separate from surrounding dirt. You may choose to cover, to keep out the weather, and wildlife. It's placement was probably also a consideration, placed in a more secure location, verse next to a busy roadway. You can keep your shovel, bucket, and any other tools, close at hand. All else fails, the sand could be dumped out, and new sand can be brought in as replacement.
Like it's namesake in the physical world a sandbox virtual machine is also a controlled environment. It's borders, it's access to the network, and other devices can be partitioned off, kept separate. The tools you need are already installed, and kept available for use, regardless if isolated from the network. Best of all, if all else fails, you can restart the virtual machine in a known good configuration, or saved point in time.
Why Use A Sandbox?
Why use a separate virtual environment as a sandbox? Your laptop is backed up and updated. You could restore it, or even reinstall if needed. The answer is for security and ease of use. You can have your normal working environment, daily tools and data, but a separate environment, the sandboxes virtual machine, to do riskier task. Such as, browse risky sites, open attachments without the concern the ransomeware may encrypt your files, and you need to spend the next few hours figuring out what needs restored, and if there is additional infection needing to be cleaned up
The first thing needed, is to install a hypervisor handle the virtualization. Which we have already done in my post Installing VMware Workstation 14 Pro on Windows 10.
Second, we need to create the virtual machine, and install the guest OS. In this example, I am installing Windows 10, install the needed vm tools, install updates for the OS and install applications, and make any necessary configurations, tweaks, and changes to setting you prefer.
The third step in the process, enables us the ability to control the roll back any changes to the environment. Once everything is installed, updated, and configured to your liking, a snapshot is taken of the virtual machine, which is a point in time save of the Environment that the virtual machine is reverted to any time it's rebooted. Upon revert to this saved snapshot, you know the virtual machine is back to a particular working state, not infected, or compromised by anything that may have been done, or executed
Periodically updates for both, the operating system and any applications will be needed, or you may elect to install another tool. At this point, the only thing needed to be done, is revert to the most recent snapshot, and proceed to install, or update as needed. When complete, take another snapshot, and make sure the setting to revert on reboot, is select to the most recent snapshot taken, after making the changes.
Create The Sandbox
I have created a video that may be used to follow along, while we create a Windows 10 VM, install the OS, a couple of common tools, and updates. After everything is configured, how to take a snapshot is shown, and how to configure the VM to revert to a particular snapshot on reboot.
I hope you follow along, and start using the sandbox when doing risky tasks. Have fun!