This soon to be released VMware Training Course will show you how to follow best practices for secure design, deployment, and operations of a VMware vSphere™ environment. Through lecture, discussion, and hands-on practice, you will gain the knowledge and skills necessary to meet the security and compliance goals of your organization. Because this course is currently beta, there may be changes to the final course.
Objectives
- Identify vulnerabilities in the current design of a vSphere environment and recommend corrective actions
- Harden vSphere components as described in the security hardening guides for vSphere 4
- Use VMware® vShield Zones to provide firewall protection to virtual machines and monitor virtual machine network traffic
- Recommend configuration and change management policies, processes, and systems
Outline
Module 1: Course Introduction
• Introduction to how virtualization affects security and compliance
• Security and compliance resources
Module 2: Security in a Virtual Environment• Review of information security and risk management concepts
• Top vulnerabilities in a virtual environment
• Basic guidelines for securing a virtual environment
• Security tools and technologies
Module 3: Secure Virtual Networking
• Configuring trust zones
• Isolating vSphere network traffic
• Controlling access to the management network
• Hardening virtual network components
• Guidelines for using VLANs and private VLANs
Module 4: Secure Infrastructure Management
• Setting up management clusters
• Working with SSL certificates
• Best practices for implementing an access control model
• Setting up centralized logging
• Hardening vCenter Server and VMware vCenter Update Manager systems
Module 5: Protecting ESX/ESXi Host Systems
• ESX and ESXi security architecture
• Controlling access to storage
• Hardening ESX and ESXi host systems
Module 6: Protecting Virtual Machines
• Hardening virtual machines
• Installing, configuring, and using vShield Zones to provide firewall protection and monitor network traffic
Module 7: Configuration and Change Management
• Configuration and change management goals and guidelines
• Maintaining the proper configuration of vSphere components
• Monitoring logs for security-related events
• Configuration and change management tools and technologies