This three day course with 60% lecture and 40% lab exercises shows you how to follow best practices for secure design, deployment, and operation of a VMware vSphere™ environment. Through lecture, discussion, and hands-on practice, you will gain the knowledge and skills necessary to meet the security and compliance goals of your organization.
Course Outline
Module 1: Course Introduction
• Introductions and course logistics
• Online resources for security and compliance
Module 2: Security in a Virtual Environment
• Review of information security and risk management concepts
• How virtualization affects security and compliance
• Top vulnerabilities in a virtual environment
• Basic guidelines for securing a virtual environment
• Security tools and technologies
Module 3: Secure Virtual Networking
• vNetwork security architecture
• Network segmentation and traffic isolation
• Secure virtual network configuration
• Traffic isolation with private VLANs
Module 4: Protecting the Management Environment
• vCenter Server authentication, authorization, and accountingWorking with SSL certificates
• Hardening the vCenter Server system
Module 5: Protecting VMware ESX/ESXi Host Systems
• ESX and ESXi security architecture
• Controlling access to storage
• Hardening ESX and ESXi hosts.
Module 6: Hardening Virtual Machines
• Virtual machine security architecture
• Configuring security parameters
Module 7: Configuration and Change Management
• Configuration and change management goals and guidelines
• Maintaining the proper configuration of vSphere components
• Monitoring logs for security-related events
• Configuration and change management tools and technologie