VMware VI3.5 Bootcamp Training
    

Virtualization Security

We gladly provide on-site training at your location.
  Course #:  NT458
  Duration:  5 days

Overview

A critical and often overlooked aspect of migrating to a virtualized environment is security, and setting it up properly. Like physical machines, virtualization technologies are not secure out of the box, and VMware is no exception. The Advanced Virtualization Security course focuses on where the vulnerabilities lie and how to reduce the attack surfaces in the virtualized environment. It goes beyond the typical security protocols administrators use to secure their environments and delves much deeper into the actual workings (and shortcomings) of the VMware environment.

Students will take a 360-degree look at the potential threats, how to defend and defeat them, and establish a solid foundation to build secure virtual data centers from the ground up. This course was designed from the perspective of how an attacker would get into your virtual environment and is taught by a Licensed Penetration Tester with a long history of vulnerability audits with US National Security Teams and audits of many foreign governments.

Learning Objectives

  • Learn the actual internal workings of VMware, and compare them to physical and virtual devices.
  • Discover how to securely set up port groups and VLANs.
  • Understand how to secure failover configurations.
  • Distinguish between Denial of Service failovers that are wide-open failovers and those that are closed failovers.
  • Dive deep into the different layers of security and explore features including how traffic routes between VMs and different hosts, common denominators of physical and virtual environments, and how to make the virtual environment the most secure.
  • Walk away knowing how to secure a VMware environment in a DMZ and how to protect yourself from the common vulnerabilities of VMware attack surfaces from the eyes of an attacker.
  • Receive in-depth, comprehensive information about all aspects of hardening your ESX environment.
  • Demonstrate proficiency in class by working on a state-of-the-art data center and performing hands-on labs which reinforce learning objectives.

Prerequisites

VMware Installation/Administration training or equivalent. In lieu of the hands-on classroom training, an in-depth knowledge of VMware’s ESX virtualization environment is required.

Outline

Section A - Primer and reaffirming our knowledge

Virtual Networking Concepts for ESX Administrators
  • ESX Networking Components
  • How Virtual Ethernet Adapters actually work
  • How Virtual Switches work
    • Similarities & Differences of VSwitches & Physical Switches
    • Spanning Tree Protocol
    • VSwitch Isolation
    • Virtual Ports, Uplink Ports, PortGroups
    • Virtual Switch Correctness
VLANs in VMware Infrastructure

NIC Teaming
  • Load Balancing and Fail Over Configuration
Layer 2 Security Features

Managing the Virtual Network

Section B - Roll up your sleeves for more in-depth knowledge of how VMware operates and how to secure it.

How Traffic Routes between VMs on an ESX Host
  • Different vSwitches, same port group and VLAN
  • Same vSwitch, different port group and VLAN
  • Same vSwitch, same port group and VLAN - (HOL)
Security Design of VMware Architecture

  • VMware Infrastructure Architecture and Security
  • Virtualization Layer (CPU & Memory Virtualization)
  • Virtual Machines - (HOL)
  • Service Console
    • Physical Console
      • Remote Access Devices - DRAC
        • SSH Security, sudo - (HOL)
  • Virtual Networking Layer, Switches, and Switch LANs

    Appendix A.  Learning Resources

    System Requirements
    Hardware – minimal: N/A
    Hardware – recommended:   N/A
    Operating system: N/A
    Software: N/A