SECURITY 557

Virtualization Security and Operations

Wednesday, August 19, 2009 - Friday, August 21, 2009 : 9am - 5pm
Paul A. Henry, SANS Instructor
6 CPE Credits per day

Laptop RequiredFree

One of today's most rapidly evolving and widely deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. There are even security benefits to virtualization - easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.

With these benefits comes a dark side, however. Virtualization technology is the focus of many new potential threats and exploits, and presents new vulnerabilities that must be managed. In addition, there are a vast number of configuration options that security and systems administrators need to understand, with an added layer of complexity that has to be managed by operations teams. Virtualization technologies also connect to network infrastructure and storage networks, and require careful planning with regard to access controls, user permissions, and traditional security controls.

Attendees will learn about virtualization security fundamentals, with an in-depth treatment of today's most pressing virtualization security concerns: known attacks and threats, theoretical attack methods, and numerous real-world examples. Then we'll turn our attention to today's most popular enterprise server virtualization product, VMware Infrastructure 3. Attendees will learn about every aspect of locking down ESX Server and VirtualCenter management server, as well as best practices for securing the virtual machine guests that reside on ESX platforms. We'll also cover virtualization networking techniques in detail, laying out proven strategies for proper segmentation, virtual switching and routing considerations, network access controls and layer 2 policies, as well as how to build virtual DMZs and integrate with existing network infrastructure.

Finally, attendees will learn essential strategies for securing storage interfaces to Virtual Infrastructure 3, as well as best practices for backup, recovery, and redundancy. We'll then wrap up with extensive information about compliance ramifications from virtualization, strategies to create and maintain compliance-focused controls using VMware, and operations processes and concepts to focus on, such as change and configuration management, separation of duties, and least privilege.

Target Audience

Security and Compliance professionals who need to understand VMware and virtualization security techniques.

Pre-requisites

Basic knowledge of systems and networking, some exposure to VMware ESX is helpful but not essential.

Intense, fast paced. Modern day Sherlock Holmes!
-Cody Drake, Allstate Ins. Co.

Author Statement

As more organizations roll out virtualization technologies, security professionals need to understand the vast variety of configuration and architecture issues that could possibly lead to new vulnerabilities and, as a result, increased risk in their environments. This course aims to provide a firm foundation for all aspects of virtualization technology, covering the hosts, guests, networks, and management components. When students leave this class, they'll have all the tools they need to properly secure their virtual environments and maintain their desired security and compliance posture.
- Dave Shackleford, Rob VandenBrink, Chris Farrow