[TriLUG] Running QuickBooks in Virtual Box

Kevin Hunter Kesling hunteke at earlham.edu
Wed Apr 9 09:19:52 EDT 2014


At 8:29am -0400 Wed, 09 Apr 2014, Brian Grawburg wrote:
> I'm considering changing my work system, which is currently WinXP, to
> Debian 7 (to match my laptop at home). I have only one program here
> that is only available for Windows -- Quickbooks. Anyone have any
> thoughts on the advisability of running it in VB?

With the caveat that absolute security is impossible (see Trusting 
Trust; physical access is King; bugs exist; etc.), you can do a pretty 
good job with a simple setup à la:

     1. Set up your VM to be connected through a NAT interface.

       If it's only you accessing QuickBooks locally, and QuickBooks
       only needs to make inet connections to specific "trusted" sites,
       you should be good to go for a time.  You may have to revisit
       this once the stored Root Certificates expire.

     2. Snapshot your VM.

       If something /does/ happen, rolling back to a known "state of
       the guest world" is as simple as (effectively) deleting a file
       on the host system.  VirtualBox and VMWare expose this through
       a simple GUI button and an "Are you sure?" interaction.

       Hell, be paranoid and always revert to the snapshot when you
       are finished.

     3. Save your QuickBooks data to a backed-up location.

       I'm quite fond of the guest-utilities-and-"network"-mapped-
       host-files solution to save data to a host directory.  But
       any solution will do.

       Actually, this item should probably be first in the list.
       There is absolutely no substitute for good, regular, and tested
       backups for mission-critical "stuff".

Having not yet invested the (probably less than 3 minutes) to follow 
Bill's lead in terms Pipelight, this is a very similar to my setup for 
the only Windows application I use: Netflix.  I don't have mission 
critical data in XP, but I visit exactly one site.  So far, I have 
noticed no problems with the installation, having done this since early 
2010, including being (very) lax about installing updates.

> The current network is all WinXP, with one Win7, and we share a
> Western Digital MyBook NAS.

The situation changes considerably if your VM needs non-NAT access to 
the network.  The amount of paranoia to employ is up to you based on the 
specifics of your total environment, but good backups and snapshots may 
still help adapt to any problems you encounter.

Note that depending on how strict your work requirements are, you may 
also appreciate using an RDP-style solution through the virtualization 
solution (_not_ through Windows).  This would enable you to continue 
using NAT, and, assuming port forwarding and local-only RDP access, 
would mitigate all but spear-phishing attempts at access to the machine. 
  (Yes, SSH absolutely rocks.)

Good luck,

Kevin



More information about the TriLUG mailing list