Security Training
Security Certification
Internet Storm Center
Cyber Security Graduate School
Security Awareness Training
Penetration Testing
Industrial Control Systems
Cyber Defense Foundations
IT Audit
Computer Forensics
Software SecuritySEC577: Virtualization Security Fundamentals
- 12 CPE/CMU
- Laptop Provided
One of today's most rapidly evolving and widely deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. There are even security benefits to virtualization - easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.
With these benefits comes a dark side, however. Virtualization technology is the focus of many new potential threats and exploits and presents new vulnerabilities that must be managed. In addition, there are a vast number of configuration options that security and system administrators need to understand, with an added layer of complexity that has to be managed by operations teams. Virtualization technologies also connect to network infrastructure and storage networks and require careful planning with regard to access controls, user permissions, and traditional security controls.
Attendees will learn about virtualization security fundamentals with an in-depth treatment of today's most pressing virtualization security concerns: known attacks and threats, theoretical attack methods, and numerous real-world examples. Then we'll turn our attention to today's most popular enterprise server virtualization product, VMware vSphere. Attendees will learn about every aspect of locking down ESX and ESXi servers and the vCenter management server, as well as best practices for securing the virtual machine guests that reside on ESX and ESXi platforms. We'll also cover virtualization networking techniques in detail, laying out proven strategies for proper segmentation, virtual switching and routing considerations, network access controls and layer 2 policies, as well as how to build virtual DMZs and integrate with existing network infrastructure. The latest vSphere technologies will be covered, including Distributed Virtual Switches, vShield Zones, and Host Profiles.
Finally, attendees will learn essential strategies for securing storage interfaces to vSphere, as well as best practices for backup, recovery, and redundancy. We'll then wrap up with extensive information about compliance ramifications from virtualization, strategies to create and maintain compliance-focused controls using VMware, and operations processes and concepts to focus on, such as change and configuration management, separation of duties, and least privilege.
- Virtualization Basics and Introduction
- Virtual Networking
- Virtual Switch Security Policies
- Command-line Virtual Network Configuration and Administration
- Virtual Network Architecture Design
- vCenter Security and Administration
- Virtual Infrastructure Client Security
- ESX and ESXi Security
- ESX File System Security
- VM Guest Security
- Storage Considerations
- Backup and Recovery
- Virtualization Risk Assessment
- Virtualization Threats
- Virtualization Vulnerabilities
- Virtualization Attacks
- Virtualization Audit and Compliance
Notice:
For SEC577 Virtualization Security Fundamentals courses conducted in the United States, a Laptop will be provided for class use. However, for International events and Onsite Classes, a Hard Drive will be provided for class use.
| Laptop Provided |
|
Laptops for SEC577 lab exercises will be provided for students to use during class.* Students will be given CDs with labs loaded to take home after class. If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org. |
| Who Should Attend |
|
