left_spacer_pic
right_spacer_pic
main header pic

Securing the Cloud with
VMware vSphere


A five-day, hands-on Bootcamp.

This course provides a solid understanding of the various components that make up the vSphere environment. From the virtual CPU to the storage devices attached to your host and everything in and around that network, you will learn about the interconnectivity and design of all those components. You will walk away with a solid understanding of how the adversary infiltrates the virtual environment and most importantly, how you can secure that environment.

Target Audience

This course is designed for System & Security Administrators responsible for the administration and security of VMware ESX/ESXi virtualization environments.

Pre-Requisites

Applicants for this program must have completed at least one of the following courses:

Virtual Infrastructure 3.5 Ultimate Bootcamp

vSphere 4.1 Ultimate Bootcamp

VMware vSphereT 4.1 Advanced Administration

OR have equivalent knowledge of VMware's ESX/ESXi virtualization environment.

Program Content

Module One: Course Introduction and Methodology

Module Two: Penetration Testing 101

What is a Penetration test

Penetration Testing Methodologies

LAB: Information gathering

LAB: Scanning

LAB: Enumeration

LAB: Tools of the trade

Website review

LAB: Hashing, Encryption, and Certificates

Where do we start with vSphere

Module Three:
Primer and Re-affirming our Knowledge

What is Virtualization

ESX vs ESXi

vSphere 4.1 Product Features

LAB: Management Interfaces

LAB: General Administrative Features

LAB: Advanced Administrative Features

Module Four: Security Architecture vCPU, vMemory

Linux Kernal Architecture

LAB: Log Files

Security Architecture

LAB: Security Roles and Permissions

LAB: vCPU

vMemory

Module Five: Routing and the vNetwork

Networking Components

LAB: Physical Switch Configuration

LAB: NIC Teaming

LAB: VLANs

vDS

Network I/O Control

Cisco Nexus 1000v

Network Routing

Module Six: vStorage - Architecture and Security Implementations

LAB: Virtualized Storage

Pluggable Storage Architecture

Storage Control

vSphere API for Array Integration

Fibre Channel

LAB: iSCSI
 

Module Seven: Hardening the Virtual Machines

Harden the Server

Unnecessary Functions

LAB: Using Templates

LAB:VM Isolation

LAB: VM Advanced Settings

ZSetInfo Hazard

LAB: VMCI

LAB: Isolation Tools

VMSafe Settings

                                                                        cont >>>

 

 

Module Eight: Hardening the Host

LAB: Service Console Security

File System Integrity

Encrypted Communication

LAB: DCUI - Direct Console User Interface

LAB: SIM - Common Information Model

LAB: Tech Support Mode

Proxy.xml

ESXi Lockdown mode

Module Nine: Hardening Virtual Center

LAB: Limiting Administrative Access

Limiting Network Connectivity

LAB: Server Certificate Replacement

LAB: Controlling Log Files

Custom Rules

Update Manager

VMware Converter

LAB: Managing the vCenter Clients

LAB: vShield

Module Ten: Virtualizing your DMZ

DMA Virtualization with VMware infrastructure

Three typical virtualized DMA Configurations

LAB: Best Practices for achieving a secure Virtualized DMZ Deployment

Common Attack Vectors

Module Eleven: Third Party Mitigation Tools

Altor Networks

LAB: Catbird's vCompliance

HyTrust

 Reflex Systems VMC

CheckPoint Virtual Appliances

LAB: Trend Micro

TripWire Configuration Management

 Get Certified

On completion of this course, you are eligible to take the Certified Virtualization Security Expert Exam.

Pricing

5-days, 8.00am - 6.00pm each day - $3995 per person

Fees are payable in full, prior to the Course commencement.

For our Schedule , please click here >>

Courses are also available at your location (on-site) should you have 6 or more people requiring the training.

 
For more information and an Application Form, please CONTACT us directly:

contact us  1-888-446-7898    

contact us  Sales@BinaryResearch.net

 

 


footer_left   footer_right
spacer

© copyright 2007-2011 binary research international
spacer