Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Python
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
Virtualization and Private Cloud Security
Overview

We are well aware that virtualization has been widely implemented, however, there are questions regarding adequate considerations for security threats, known or perceived. It appears that many organizations rest on superior security at the physical layer for a secure virtual layer. This is due in part to an organization that is not aware of the risks associated specifically with the virtual layer or individuals that lack the knowledge to implement adequate security measures. This course changes everything.

This course covers all known and many perceived risks, demonstrates how to hack some of those risks and covers the best hardening practices known today. It covers many technologies related to the VMware vCloud Suite so that you know what you can and cannot do with the software as well as what needs to be added to your security posture to ensure a secure private cloud!

Technology:

vCloud Suite 5.5, vSphere 5.5, vCAC 5.5, vCOps 5.5, vCloud Networking and Security 5.5. All previous 5.x versions discussed.

Prerequisites

Network+ Certification or Equivalent Knowledge, Two Years’ Experience with Microsoft or Linux Servers, Basic Virtualization/Cloud Knowledge

Audience

Security Administrators and Engineers, Pen Testers, Virtualization/Cloud Administrators, and Engineers, System Engineers and Administrators

Course duration

5 days

Why Attend this Course

  • Learn the latest technologies used to secure the vSphere and Private Cloud Infrastructure.
  • The risks to a virtual datacenter are higher than most organizations realize, be prepared to mitigate those risks.
  • Become a leader in the industry by staying on top of the security issues related to the private cloud.
  • We cover the best third party solutions related to virtualization and the private cloud.
  • This course will teach you how to test some of these known risks.
  • Our team of developers have worked in the security field for many years, they pioneered today’s designs for a secure virtual infrastructure and wrote the first course on virtual security, they have tried and true best practices throughout this course.
  • Take the VM’s home with you for additional work after class!
  • 50% of your time will be hands on.
Course outline

Chapter 1 – Course Introduction

Chapter 2 – Virtualization and Cloud Overview
    1. Overview of Virtualization
    2. Overview of Cloud Technologies
    3. Design
      a. Functional Requirements
      b. Security Implications
      c. Examples
Chapter 3 – Developing a vSphere Private Cloud Security Posture
    1. CIA Triad
    2. Threat Modeling
    3. Emerging Threats
      a. External Threats
      b. Internal Threats
    4. Seven Step Approach to a Desired Security Posture
    5. Control Architecture
    6. Deep Dive into vSphere Risks
      a. Virtual Machine Risks
      b. ESXi Hosts Risks
      c. vNetwork Risks
      d. vCenter Risks
      e. vStorage Risks
      f. vCloud – Related to Private Cloud Risks
Chapter 4 – vSphere Native Controls
    1. ESXi Secure Architecture/ul>
      a. vCPU
      b. vMemory
    2. Virtual Machines Secure Architecture
      a. Virtual Machine Hardware
      b. Virtual Machine Files
      c. vCenter Features
        i. vMemory Management
        ii. vCPU Management
        iii. Clones and Templates
        iv. Roles and Permissions
    3. Host and Cluster Native Controls
      a. VMKernel Preventative Controls
      b. vSphere 5.x Preventative Controls
      c. ESXi File Systems Structure
      d. Logging
      e. Lock Down Mode
      f. SSH Access
      g. ESXi Firewall
    4. vCloud Networking and Security
      a. Edge
      b. App Firewall
      c. VXLAN
      d. Data Security
      e. vCloud Ecosystem Framework
    5. vCenter Native Controls
      a. Single Sign-On
      b. High Availability
      c. Distributed Resource Scheduler
      d. vSphere Data Protection
      e. vSphere Replication
      f. Disaster Recovery Options
Chapter 5 – vNetwork Native Controls
    1. vSwitch Native Controls
    2. DvSwitch Native Controls
    3. How traffic routes
    4. Forged Packets
    5. VLANs
    6. PVLANs
    7. App Firewall
Chapter 6 – vStorage Security
    1. Understanding Storage within the Virtual Architecture
    2. Native Controls
      a. Storage Capabilities based on Versions
      b. Storage I/O Control
      c. vSphere Storage API’s
      d. All Paths Down and Permanent Device Loss
      e. Storage Profiles, Clusters and DRS
    3. Fiber Channel Security
    4. iSCSI Security
    5. NAS Security
Chapter 7 – Third Party Mitigation Solutions
    1. Catbird
    2. Cisco Adaptive Security Virtual Appliance
    3. Firefly Host – Juniper Networks Product
    4. HyTrust
    5. Sophos Endpoint Antivirus – Cloud
    6. Reflex VMC
    7. TrendMicro Deep Security
    8. WatchGuard
Chapter 8 – Assessing and Remediating
    1. Assessment Program Objectives
    2. Assessment Program Scope
    3. Prerequisites and Reliance
    4. Assessment Skills Requirement
Chapter 9 – Hardening the Virtual Machines
    1. The Basics
    2. Making best use of Templates
    3. Isolating the VM
    4. Managing Resources
    5. Advanced Settings
    6. Preventing Known Risks
    7. Auditing the VM
    8. Endpoint Security
Chapter 10 – Hardening the Host
    1. The Basics
    2. Managing Users
    3. DCUI Management
    4. Managing Access to Host
    5. Firewall Best Practices
    6. Advanced Settings
    7. vNetwork Hardening
    8. vStorage Hardening
    9. Managing Certificates
Chapter 11 – Hardening vCenter
    1. The Basics
    2. Controlling Access
    3. Managing Plug-Ins
      a. Converter
      b. Update Manager
      c. vCLI
      d. And Others
    4. Managing Certificates
    5. vCert Manager
    6. Using the App Firewall
Appendix – Additional Products only covered in extended hour’s delivery (Bootcamp Format)
    1. vCloud Native Controls
      a. How vCloud functions with vSphere
      b. Roles and Permissions
      c. Tenant and Landlord Controls
      d. vNetwork Controls
      e. vStorage Controls
      f. vApp Controls
    2. Compliance and vCenter Configuration Manager
      a. Overview of Compliance
      b. How Configuration Manager Helps
      c. Key components
      d. Free Compliance Checking Tools
    3. Additional vCloud Networking Deep Dive
      a. Edge
      b. VXLAN
      c. Data Security

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved