1Staff Logo

1Staff Training home page
Current Schedule page

402.898.8700
888.556.7568
For more information please fill out the form below:
*Name: A value is required. *E-mail address: A value is required.Invalid format. *Telephone #: A value is required.Invalid format. Comments:
Title: Company:

VMHAC - Hacking Uncovered VMware - BOOTCAMP

Course Length

5 Days

Course Overview

Elements of this syllabus are subject to change.

A critical and often overlooked aspect of migrating to a virtualized environment is security and setting up security properly. Like physical machines, virtualization technologies are not secure “out of the box” and VMware is no exception. The Advanced Virtualization Security course focuses on “where the vulnerabilities lie” and how to reduce the attack surfaces in the virtualized environment. It goes beyond the typical security protocols administrators use to secure their environments and delves much deeper into the actual working (and short comings) of the VMware environment. Students will take a 360 degree look at the potential threats, how to defend and defeat them, and establish a solid foundation to build secure virtual data centers from the ground up.

Course Objectives

  • Learn the actual internal workings of VMware, and compare them to physical and virtual devices.
  • Discover how to securely set up port groups and VLANS.
  • Understand the aspect of securing failover configurations
  • Distinguish between Denial of Service Failovers that wide open failovers and closed failovers.
  • Dive deep into the different layers of security and explore features to include how traffic routes between VM’s and different hosts, common denominators of Physical and Virtual Environments, and how to make the virtual environment the most secure.
  • Walk away knowing how to secure a VMware environment in a DMZ and how to protect yourself from the common vulnerabilities of VMware attack surfaces from the eyes of an attacker.
  • Receive in depth information on how to harden you ESX environment, and comprehensively understand all aspects of how to do that.
  • Demonstrate their proficiency in class working on a state-of-the-art data center and performing hands-on labs to reinforce the learning objectives.
  • Course developed and taught by a Licensed Penetration Tester who has a long history of vulnerability audits with US National Security Teams and audits of many foreign governments.
  • Designed and taught from the perspective of how an attacker would get into your Virtual Environment from an attacker who has done JUST THAT!

Who Should Attend:

System Administrators and Security Administrators using virtualization software.

Prerequisites:

Virtual Infrastructure 3.5 Ultimate Bootcamp® or equivalent. In lieu of hands-on classroom training, an in-depth knowledge of VMware’s ESX virtualization environment is required.

Course Outline

Section A: Primer and reaffirming our knowledge

Virtual Networking Concepts for the ESX Administrator

  • ESX Networking Components
  • How Virtual Ethernet Adapters actually work
  • How Virtual Switches work
  • How a VSwitch is Similar to a Physical Switch
    - How a VSwitch is different from a Physical Switch
    - Spanning Tree Protocol -- Not Needed?
    - VSwitch Isolation
    - Virtual Ports
    - Uplink Ports
    - PortGroups
    - Virtual Switch Correctness

VLANs in VMware Infrastructure

NIC Teaming

  • Load Balancing
  • Fail Over Configurations

Layer 2 Security Features

Managing the Virtual Network

Section B: Roll up your sleeves to more in-depth knowledge of how VMWare Operates and How to secure it

How Traffic Routes between VM's on an ESX Host

  1. Different vSwitches, same port group and VLAN
  2. Same vSwitch, different port group and VLAN
  3. Same vSwitch, same port group and VLAN - (HOL)

Security Design of VMWare Architecture

  • VMware Infrastructure Architecture and Security Features
  • Virtualization Layer
    - CPU Virtualization
    - Memory Virtualization
  • Virtual Machines - (HOL)
  • Service Console
    - Physical Console
    - Remote Access Devices - DRAC
    - SSH Security
    - sudo - (HOL)
  • Virtual Networking Layer
    - Virtual Switches
    - Virtual Switch LANs
    - Virtual Ports
    - Virtual Network Adapters
    - Virtual Switch Isolation
    - Virtual Switch Correctness
  • Virtualized Storage
    - SAN Security
    - iSCSI Security
  • VMware Virtual Center

VMWare in a DMZ

  • Virtualized DMZ Networks
  • Three Typical Virtualized DMZ Configurations
  • Partially Collapsed DMZ with Separate Physical Trust Zones
  • Partially Collapsed DMZ with Virtual Separation of Trust Zones
  • Fully Collapsed DMZ
  • Best Practices for Achieving a Secure Virtualized DMZ Deployment
  • Harden and Isolate the Service Console
  • Clearly Label Networks for each Zone within the DMZ
  • Set Layer 2 Security Options on Virtual Switches
  • Enforce Separation of Duties
  • Use ESX Resource Management Capabilities
  • Regularly Audit Virtualized DMZ Configuration

Hardening your ESX Server

  • Scanning your ESX Server for Vulnerabilities - (HOL) Tripwire Config Checker
  • Hardening Virtual Machines - (HOL)
  • Hardening  Virtual Machine Files and Settings - (HOL)
  • Configuring the Service Console in ESX 3.5 - (HOL)
  • Configuring Host‐level Management in ESXi 3.5 - (HOL)
  • Configuring the ESX/ESXi Host - (HOL)
  • Virtual Center
  • Virtual Center Add on Components
  • Client Components

Logs that should be audited

  • Tools to audit logs
  • Viewing Log files - (HOL)
  • Auditing ESXi

ESX and X.500 Directory Integration

  • AD
  • LDAP

Certificates

  • Certificate Use in the ESX Environment
  • Install a trusted certificate - (HOL)

*(HOL) – designates Hands On Lab

top of page