Keep your work and personal software separated. If you don’t need it to do your job, don’t install it on your work machine. If you don’t need to access a site for work, don’t access it on your work machine.

At the end of the day, it’s not your computer and you shouldn’t treat it like it is.

Consider it non-secure for personal stuff. Consider the possibility of full monitoring. They may not see the contents of encrypted traffic from the VM, sure, but there’s still a possibility of keylogging and even screen monitoring, possibly something else.

To answer your question, the guest OS should reject the security software’s certificates, should it attempt MITM. Otherwise there wouldn’t be much of a reason to use HTTPS over plain HTTP.
It can still do blocking I guess.

Secondly, it’s a work device, and that software is there for a reason. Trying to get around it may have different results. Your employer might not care much, or they could assume something malicious on your side, and fired you are.
So don’t use it past work-related use cases, don’t borrow it to kids nor anyone else. That bit of hardware is most likely not worth the risk.

IT Guy here - we have been ordered by management to operate a computer system to setup and maintain a usable and secure computer environment for the work the management needs to be done.

To do this, your IT team and selected Windows 11 as the plattform, this is due go several factors.

1. Compabillity - Windows is the de-facto standard, if you want to do buisniss with other companies, Windows is a safe bet.
2. Familiarity - Windows is the de-facto standard, people know how to use it with little training.
3. Managabillity - Windows has excellent tools for central management, so IT policies can easily be implmented centrally.

With your Linux VM you will introduce new security holes, remove central management and throw familiarity out the window.

In any sane company, and unauthorized VM would at minimum be grounds for immediate termination.

If you want to do a proof of concept for your idea, you need management buy in, speak with the CTO and ask about migrating your proccesses to Linux ant do it above board.

I don’t know for sure, but I don’t think they’d be able to read https traffic. That would be encrypted on the vm itself before being sent to the host, so the host couldn’t see it.

If they’re scanning your system remotely for unapproved software, I imagine they won’t let you use a vm at all, since it kinda breaks that requirement.

I’ve faced this decision.

As long as the stuff I’m doing on the Linux VM is legitimate work, I find that no one cares.

Every so often someone asks questions about how the underlying concerns are being addressed - most critically backups.

As long as I have reasonable answers, or I express willingness to collaborate on solutions, it tends to work out.

That said, I’m a manager of software development, so I receive a lot of leeway to tell people what tools I need.