This three day course with 60% lecture and 40% lab exercises shows you how to follow best practices for secure design, deployment, and operation of a VMware vSphereβ’ environment. Through lecture, discussion, and hands-on practice, you will gain the knowledge and skills necessary to meet the security and compliance goals of your organization.
Course Outline
Module 1: Course Introduction
β’ Introductions and course logistics
β’ Online resources for security and compliance
Module 2: Security in a Virtual Environment
β’ Review of information security and risk management concepts
β’ How virtualization affects security and compliance
β’ Top vulnerabilities in a virtual environment
β’ Basic guidelines for securing a virtual environment
β’ Security tools and technologies
Module 3: Secure Virtual Networking
β’ vNetwork security architecture
β’ Network segmentation and traffic isolation
β’ Secure virtual network configuration
β’ Traffic isolation with private VLANs
Module 4: Protecting the Management Environment
β’ vCenter Server authentication, authorization, and accountingWorking with SSL certificates
β’ Hardening the vCenter Server system
Module 5: Protecting VMware ESX/ESXi Host Systems
β’ ESX and ESXi security architecture
β’ Controlling access to storage
β’ Hardening ESX and ESXi hosts.
Module 6: Hardening Virtual Machines
β’ Virtual machine security architecture
β’ Configuring security parameters
Module 7: Configuration and Change Management
β’ Configuration and change management goals and guidelines
β’ Maintaining the proper configuration of vSphere components
β’ Monitoring logs for security-related events
β’ Configuration and change management tools and technologie
