
Course rating of 0 Vendor rating of 4




 
Course Outline

A critical and often overlooked aspect of migrating to a virtualized environment is security and setting up security properly. Like physical machines, virtualization technologies are not secure “out of the box” and VMware is no exception. The Advanced VMware Security course focuses on “where the vulnerabilities lie” and how to reduce the attack surfaces in the virtualized environment.

This course goes beyond the typical security protocols administrators use to secure their environments and delves much deeper into the actual working (and shortcomings) of the VMware environment. Students will take a 360 degree look at the potential threats, how to defend and defeat them, and establish a solid foundation to build secure virtual data centers from the ground up.

Course Summary

  • Learn the actual internal workings of VMware, and compare them to physical and virtual devices
  • Discover how to securely set up port groups and VLANs
  • Understand the aspect of securing failover configurations
  • Distinguish between Denial of Service Failovers that wide open failovers and closed failovers
  • Dive deep into the different layers of security and explore features to include how traffic routes between VMs and different hosts, common denominators of Physical and Virtual Environments, and how to make the virtual environment the most secure
  • Walk away knowing how to secure a VMware environment in a DMZ and how to protect yourself from the common vulnerabilities of VMware attack surfaces from the eyes of an attacker
  • Receive in-depth information on how to harden your ESX environment, and comprehensively understand all aspects of how to do that
  • Demonstrate their proficiency in class working on a state-of-the-art data center and performing hands-on labs to reinforce the learning objectives
  • Course developed and taught by a Licensed Penetration Tester who has a long history of vulnerability audits with US National Security Teams and audits of many foreign governments
  • Designed and taught from the perspective of how an attacker would get into your Virtual Environment from an attacker who has done JUST THAT!

Who Should Attend

System Administrators and Security Administrators using virtualization software.

Chapter 1 - Primer and Reaffirming Our Knowledge

ESX Networking Components
Virtual Ethernet Adapters and How they Work
Virtual Switches and How They Work
VMsafe
Virtual Switch vis-à-vis Physical Switch
Why the Spanning Tree Protocol is Superfluous
What are Virtual Ports and Why Should We Be Concerned?
VMware So-Called “Uplink Ports” and Their Interaction with the Physical Equivalent
Concept of Port Groups - They are Out of This (Physical) World!
Virtual Switch Correctness
VLANs in VMware Infrastructure
NIC Teaming
Load Balancing
Failover Configurations
Layer Security Features
Managing the Virtual Network with “vCenter”
Cryptography and Certificates
Symmetric vs. Asymmetric Encryption
Hashing
Digital Signatures
Breaking SSL Traffic to and from the VIC
UNIX File System Structure
Kernel
Processes
When Do the Processes Start?
Starting and Stopping Processes
Interacting with Processes
Account and Groups
Password and Shadow File Formats
Linux and UNIX Permissions
Set UID Programs
Logs and Auditing

Chapter 2 - Routing and the Security Design of VMware

Security of Routing Data
How traffic is routed between Virtual Machines on ESX hosts
Different vSwitches, same port group and VLAN
Same vSwitch, different port group and VLAN
Same vSwitch, same port group and VLAN
Security Design of “The VMware Infrastructure Architecture”
VMware Infrastructure Architecture and Security Features
Virtualization Layer
CPU Virtualization
Buffer overflow
Memory Virtualization
Virtual Machines
Service Console
Virtual Networking Layer
Virtual Switches
Virtual Switch LANs
Virtual Ports
Virtual Network Adapters
Virtual Switch Isolation
Virtual Switch Correctness
Virtualized Storage
SAN Security
VMware Virtual Center

Chapter 3 - Remote DataStore Security

Fiber Channel Architecture
Mask and Zone SAN Resources
LUN Masking
SAN Zoning
Port Zoning
Hard and Soft Zoning
WWN Zoning
FCAP, FCPAP
DH-CHAP
Switch Link Fiber Channel – Security Protocol
ESP over Fiber Channel
Attacking Fiber Channel
Securing Fiber Channel
iSCSI vs Fiber Channel
iSCSI Architecture
iSCSI Security Features
Securing iSCSI SANs

Chapter 4 - Penetration Testing 101

What is a Penetration Test?
Benefits of a Penetration Test
What is the Cost of a Hack?
Current Issues
Malware/Virus
Active Zombies
Active Botnets
Identity Theft
Social Engineering, Exploits and Chained Exploits
Chained Exploit Example
The Evolving Threat
Pen Testing Methodology
Types of Pen Tests
Website Review
Common Management Errors
It’s Not Just About the Tools!

Chapter 5 - Information Gathering, Scanning and Enumeration

What Information Does the Hacker Gather?
Methods of Obtaining Information
Footprinting Defined
Maltego
Firefox Add-Ons
Google Hacking
Introduction to Port Scanning
Port Scanning Tools
NMAP
TCP Connect Port Scan
Half-Open Scan
Firewalled Ports
Service Version Detection
Additional NMAP Scans
UDP Scans
Enumeration Overview
Web Server Banner Grabbing
Telnet
SuperScan
SMTP Server Banner
DNS Enumeration
Zone Transfers
Backtrack Tools
Active Directory Enumeration
LDAPminer
Null Sessions
Enumeration with Cain and Abel
NAT Dictionary Attack Tool
THC-Hydra
Cool Stuff with Cain

Chapter 6 - Penetration Testing and the Tools of the Trade

Vulnerabilities in Network Services
Vulnerability Assessment Scanners
Nessus
Saint
Windows Password Cracking
Syskey Encryption
Cracking Techniques
Cryptanalysis
Disabling Auditing
Clearing the Event Log
Alternate Data Streams
Stream Explorer
Encrypted Tunnels
Port Monitoring Software
Rootkits
Metasploit
Fuzzers
SaintExploit and Core Impact
Penetration Testing Tool Comparison
Wireshark
ARP Cache Poisoning
Cain and Abel
Ettercap
 
Chapter 7 - DMZ Virtualization and Common Attack Vectors

Virtualized DMZ Networks
Typical Virtualized DMZ
Three Typical Virtualized DMZ Configurations
Partially Collapsed DMZ with Separate Physical Trust Zones
Partially Collapsed DMZ with Virtual Separation of Trust Zones
Fully Collapsed DMZ
Best Practices for Achieving a Secure Virtualized DMZ Deployment
Harden and Isolate the Service Console
Clearly Label Networks for each Zone within the DMZ
Set Layer Security Options on Virtual Switches
Enforce Separation of Duties
Use ESX Resource Management Capabilities
Regularly Audit Virtualized DMZ Configuration
How we understand Fake Certificate Injection to work
Generic TLS renegotiation prefix injection vulnerability
Abuses of Renegotiation
• Summary – By Protocol
• Summary – By Application
Renegotiation Solutions
Testing for a renegotiation vulnerability
Renegotiation Vulnerability requirements
Renegotiation Example
Patched server with disabled renegotiation
GuestStealer

Chapter 8 - Hardening Your ESX Server

Hardening Your ESX Server
ESX Best Practices
Virtual Machines
Secure Virtual Machines as You Would Secure Physical Machines
Disable Unnecessary or Superfluous Functions
Take Advantage of Templates
Prevent Virtual Machines from Taking Over Resources
Isolate Virtual Machine Networks
VM Segmentation
Minimize Use of the VI Console
Virtual Machine Files and Settings
Disable Copy and Paste Operations Between the Guest Operating System and Remote Console
Limit Data Flow From the Virtual Machine to the Datastore
SetInfo Hazard
Do Not Use Nonpersistent Disks
Ensure Unauthorized Devices are Not Connected
Prevent Unauthorized Removal or Connection of Devices
Avoid Denial of Service Caused by Virtual Disk Modification Operations
Specify the Guest Operating System Correctly
Verify Proper File Permissions for Virtual Machine Files
Configuring the Service Console in ESX
Configure the Firewall for Maximum Security
Limit the Software and Services Running in the Service Console
Use VI Client and vCenter to Administer the Hosts Instead of Service Console
Use a Directory Service for Authentication
Strictly Control Root Privileges
Control Access to Privileged Capabilities
Establish a Password Policy for Local User Accounts
ESX/Linux User Authentication
Configuring ESX Authentication
ESX Authentication Settings
Do Not Manage the Service Console as if It Were a Linux Host
Maintain Proper Logging
ESX Log File Locations
ESX Log Files
Establish and Maintain File System Integrity
Secure the SNMP Configuration
Protect against the Root File System Filling Up
Disable Automatic Mounting of USB Devices
Configuring the ESX/ESXi Host
Isolate the Infrastructure-Related Networks
Configure Encryption for Communication between Clients and ESX/ESXi
Label Virtual Networks Clearly
Do Not Create a Default Port Group
Do Not Use Promiscuous Mode on Network Interfaces
Protect against MAC Address Spoofing
Secure the ESX/ESXi Host Console
Mask and Zone SAN Resources Appropriately
Secure iSCSI Devices Through Authentication

Chapter 9 - Hardening your ESXi Server

Best Practices ESXi
Configuring Host-Level Management in ESXi
Strictly Control Root Privileges
Control Access to Privileged Capabilities
Maintain Proper Logging
Establish and Maintain Configuration File Integrity
Secure the SNMP Configuration
Ensure Secure Access to CIM
Audit or Disable Technical Support Mode

Chapter 10 - Hardening your vCenter Server

vCenter
Set Up the Windows Host for vCenter with Proper Security
Limit Administrative Access
Limit Network Connectivity to vCenter
Use Proper Security Measures when Configuring the Database for vCenter
Enable Full and Secure Use of Certificate-Based Encryption
vCenter Server Certificates Replacement
Pre-Installation, During Installation, Post-Installation
vCenter Log Files and Rotation
Collecting vCenter Log Files
Use vCenter Custom Roles
Document and Monitor Changes to the Configuration
vCenter Add-on Components
VMware Update Manager
VMware Converter Enterprise
VMware Guided Consolidation
General Considerations
Client Components
Restrict the Use of Linux-Based Clients
Verify the Integrity of VI Client
Monitor the Usage of VI Client Instances
Avoid the Use of Plain-Text Passwords
vShield Zones
vShield VM Flow Features

Chapter 11 - 3rd Party Migration Tools

3rd Party Products
Virtualization: Greater Flexibility, Diminished Control
Altor
Catbird * Author's Pick
HyTrust * Author's Pick
Reflex
Trend Micro
Tripwire
Catbird – In-Depth Look * Author's Pick
Understanding Compliance Scope
HyTrust – In-Depth Look * Author's Pick
Key Capabilities
What’s Missing?
Making Sense of It All


Prerequisites & Certificates
Pre-Requisites

- Course VMW01 VMware vSphere 4.1 Ultimate Boot Camp or equivalent knowledge and experience

Certificates offered

Certificate of completion


Cancellation Policy
10 business day cancellation policy. If the course is confirmed and the student cancels within 10 days of the course, they are charged and a credit is applied toward future courses. If they cancel outside of 10 business days, there are no charges at all.
Map & Reviews
CTE Solutions

Reviews
 

This course has not yet been rated by one of our members.


Here are some reviews of the training vendor.
I realize that we are constantly dealing with technology, but I still think for a registration fee of almost $3,000, that a hardcover book should be included. I know that the option to print the book on a one-time basis exists.
Reviewed by 2016
no
Reviewed by 2016
The instructor was very knowledgeable and answered all questions. Jarod did an excellent job presenting.
Reviewed by 2015
The room was cold. I had to sit next to the space heater. It would be good to tell future patrons to dress warmly AHEAD of time. No surprises.
Reviewed by 2015
He was great and offered his contact info for further questions.
Reviewed by 2015
Howard was a fantastic instructor and the course was exactly what I required.
Reviewed by 2014
The trainer was excellent - the course exceeded my expectations.
Reviewed by 2014
This course provides an excellent overview and a bit of practice on the various functions of SharePoint 2013. I was disappointed at the number of exceedingly long breaks given after each module. I would have preferred less break time and more content to the course. Having never taken a SharePoint course with another provider, I don't know if this is the norm with all providers or just this one in particular.
Reviewed by 2014
I ranked the "Use of Technology" low because for Users who were remote the VM's that were setup were a little wonky. Could be very slow at times and then sometimes they needed to be refreshed to work properly with the lab. In some instances we couldn't follow along as replication would not occur fast enough and we would have our lab cut short (for us remote Users).
Reviewed by 2014
The instructor was good at remembering to acknowledge the online students even though he was facing a classroom of students also.
Reviewed by 2014
Instructor was not so good with the live examples. Also the handouts were not so useful.
Reviewed by 2013
The trainer was excellent, very knowledgeable and had a lot of valuable experience to share. The problem was that there were way too many workshops that took too long and interfered with getting the maximum benefit from the instructor and the course.
Reviewed by 2013
This was quite informative. It was a great opportunity to have ‘real life’ discussions with certified PMs. The instructor had excellent examples and was able to share his PM experiences with us with concrete examples. In addition, this was a great opportunity to network with private sector/public sector PMs and develop a better appreciation of PM on both sides of the fence. Cheers, CL
Reviewed by 2013
no
Reviewed by 2013
I did not like the video format
Reviewed by 2013
As a remote attendee, it appeared the instructor paid attention to the "Attendee" and "Chat" windows only a few times throughout the day, so I was not confident that he would see if I sent a message or raised my hand during the course.
Reviewed by 2013
The chairs were not very comfortable and the material contained spelling and grammatical errors (a few but still) as well as repetition of words.
Reviewed by 2013
Was a bit slow the last 1/2 day. Of course, for some, this was the last of a 4 day course (not just 2 days).
Reviewed by 2013
I really enjoyed the course and I learned a lot. The pace was excellent.
Reviewed by 2013
good!
Reviewed by 2013
The room was excellent on its own - less distraction and no noise around you. There was no direction to the room when I walked in and therefore was not sure if I was heading in the right direction. We were not provided with the direction that there was coffee and fridge on the 3rd floor, and the bathroom floor was dirty.
Reviewed by 2012
This course was great, very informative, had Lionel as instructor and he was also very good.
Reviewed by 2012
Instructor was eager to assist but lacked subject matter expertise. Course time management was very poor. Content provided could have been delivered effectively in a one day course.
Reviewed by 2012
Good Course, good trainer. All questions addressed equally and in a timely professional manner.
Reviewed by 2011
The course content was interesting; however, the instructor didn't have enough knowledge about Microsoft Sharepoint 2010 Development and wasn't able to answer questions without google search. In the future CTE needs to make sure the instructors have real on-hands experience and are highly trained in the technologies they are supposed to be teaching.
Reviewed by 2011

This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
