Hacking Uncovered - VMware® Training
| Aanbieder | Twice IT Training |
| Kosten | €4.500,00 |
Overzicht
Virtualization is big, exciting, and a game-changing solution for your datacenter. But the down and dirty secret is that most all virtualization deployments are not secure. It is NOT that VMWare is insecure, it is very secure! It is simply not secure out of the box. Don't find out about this simple fact the hard way from a hacker. You will never get this class from VMWare themselves. This class will show you things that VMWare would rather be kept secret! Who better to show you how to protect your computer system than the person who breaks into them for a living? Students will take a 360 degree look at the potential threats, how to defend and defeat them, and establish a solid foundation to build secure virtual data centers from the ground up. o Learn the actual internal workings of VMware, and compare them to physical and virtual devices. o Discover how to securely set up port groups and VLANS. o Understand the aspect of securing failover configurations o Distinguish between Denial of Service Failovers that wide open failovers and closed failovers. o Dive deep into the different layers of security and explore features to include how traffic routes between VM’s and different hosts, common denominators of Physical and Virtual Environments, and how to make the virtual environment the most secure. o Walk away knowing how to secure a VMware environment in a DMZ and how to protect yourself from the common vulnerabilities of VMware attack surfaces from the eyes of an attacker. o Receive in depth information on how to harden you ESX environment, and comprehensively understand all aspects of how to do that. o Demonstrate their proficiency in class working on a state-of-the-art data center and performing hands-on labs to reinforce the learning objectives. o Course developed and taught by a Licensed Penetration Tester who has a long history of vulnerability audits with US National Security Teams and audits of many foreign governments. o Designed and taught from the perspective of how an attacker would get into your Virtual Environment from an attacker who has done JUST THAT!
Volledige omschrijving
Bestemd voor
Security Administrators, CIO, CSO, CTO, Network Administrators, Server Administrators.Benodigde kennis
Virtual Infrastructure 3.5 Ultimate Bootcamp® or equivalent. In lieu of hands-on classroom training, an in-depth knowledge of VMware’s ESX virtualization environment is required. InschrijvenBeschrijving
Section A: Primer and reaffirming our knowledge Virtual Networking Concepts for the ESX Administrator o ESX Networking Components o How Virtual Ethernet Adapters actually work o How Virtual Switches work o How a VSwitch is Similar to a Physical Switch - How a VSwitch is different from a Physical Switch - Spanning Tree Protocol -- Not Needed? - VSwitch Isolation - Virtual Ports - Uplink Ports - PortGroups - Virtual Switch Correctness VLANs in VMware Infrastructure NIC Teaming o Load Balancing o Fail Over Configurations Layer 2 Security Features Managing the Virtual Network Section B: Roll up your sleeves to more in-depth knowledge of how VMWare Operates and How to secure it How Traffic Routes between VM's on an ESX Host o Different vSwitches, same port group and VLAN o Same vSwitch, different port group and VLAN o Same vSwitch, same port group and VLAN - (HOL) Security Design of VMWare Architecture o VMware Infrastructure Architecture and Security Features o Virtualization Layer - CPU Virtualization - Memory Virtualization o Virtual Machines - (HOL) o Service Console - Physical Console - Remote Access Devices - DRAC - SSH Security - sudo - (HOL) o Virtual Networking Layer - Virtual Switches - Virtual Switch LANs - Virtual Ports - Virtual Network Adapters - Virtual Switch Isolation - Virtual Switch Correctness o Virtualized Storage - SAN Security - iSCSI Security o VMware Virtual Center VMWare in a DMZ o Virtualized DMZ Networks o Three Typical Virtualized DMZ Configurations o Partially Collapsed DMZ with Separate Physical Trust Zones o Partially Collapsed DMZ with Virtual Separation of Trust Zones o Fully Collapsed DMZ o Best Practices for Achieving a Secure Virtualized DMZ Deployment o Harden and Isolate the Service Console o Clearly Label Networks for each Zone within the DMZ o Set Layer 2 Security Options on Virtual Switches o Enforce Separation of Duties o Use ESX Resource Management Capabilities o Regularly Audit Virtualized DMZ Configuration Hardening your ESX Server o Scanning your ESX Server for Vulnerabilities - (HOL) Tripwire Config Checker o Hardening Virtual Machines - (HOL) o Hardening Virtual Machine Files and Settings - (HOL) o Configuring the Service Console in ESX 3.5 - (HOL) o Configuring Host-level Management in ESXi 3.5 - (HOL) o Configuring the ESX/ESXi Host - (HOL) o Virtual Center o Virtual Center Add on Components o Client Components Logs that should be audited o Tools to audit logs o Viewing Log files - (HOL) o Auditing ESXi ESX and X.500 Directory Integration o AD o LDAP Certificates o Certificate Use in the ESX Environment o Install a trusted certificate - (Hands On Lab)