Use Cases
MSL Setup is intended for a variety of scenarios including research, education, and enterprise. Expand each item below to view details.
A common scenario for safely running multiple projects in parallel.
Running multiple projects on the same network can expose project data and systems to each other.
By isolating networks per project, accidental misuse or compromise is contained within the affected project.
Layer-2 isolation networks contained on a single host.
Connecting test VMs directly to a corporate network can expose internal backend systems to risk.
Sharing a broadcast domain may allow tools or misconfigurations (ARP spoofing, DHCP mistakes) to impact unrelated hosts or VMs.
Network isolation is essential when testing authentication and credentials.
Placing domain controllers or vulnerable clients on the same network as production devices can lead to unintended impact.
Incorrect GPO or DNS changes from a test VM connected to the corporate network can cause severe outages.
An isolated environment for safely analyzing suspicious samples.
Analyzed samples may self-propagate or exfiltrate credentials if not properly contained.
Allowing external communication risks unintentionally sending malicious traffic, creating legal and ethical issues.
Training environments that include offensive tooling or intentionally vulnerable systems must be isolated.
Attack tools or vulnerable services on the same LAN can accidentally target unrelated devices.
Exposing intentionally vulnerable VMs to a corporate LAN can result in real-world damage.
Control systems require a “do not stop” priority for safety-critical systems.
Stopping control or production systems can lead to operational accidents rather than simple IT outages.
Test environments must be strictly separated from production to avoid any impact.
Build project-scoped, disposable test environments similar to cloud VPCs.
Environments intended for teardown and rebuild should not share networks with other systems.
Network isolation also simplifies audits and compliance explanations.
Network isolation helps localize problems for public-facing services.
Public servers (game servers, media distribution, etc.) can be compromised; isolation limits the blast radius.
Separating networks makes compliance and forensic explanations simpler.
