Course Outline
Section 1: Course Introduction
Lesson 1 – Getting Started with VMware vSphere Security Design Training
In this lesson learn what makes vSphere security such an important topic for you and your company. You’ll find out what the course will cover as well as the basics of building a vSphere lab that you could use to practice the configurations you’ll learn in the course.
· Why vSphere Security is Critical Knowledge
· What You Will Learn in This Course
· Lab Setup
Lesson 2 – About Your Instructors
Find out who Jason Nash and Lane Leverett are, their qualifications, and why they make such excellent vSphere security instructors.
· About Jason Nash
· About Lane Leverett
Lesson 3 – Introduction to Information Security Concepts
This lesson provides a fundamental base of understanding for system and information security, specifically as it relates to virtualization security.
· The Many Layers of Security in a Virtual Environment
· The Fundamentals: A Security Primer
· AAA: Authentication, Authorization, and Accounting
· Standard Terminology
· CIA: Confidentiality, Integrity, and Availability
· The Different Shapes and Sizes of Potential Attackers
· The Steps of an Attempted Attack
· The Process for Developing and Maintaining Good Security
· Security Tools
Section 2: Information Security Concepts
Lesson 4 – Security Priorities in a Virtual Environment
Explore how security is different a virtual environment, dispel common virtualization security concerns, find out the impact of security in a virtual infrastructure, and learn what VMware is doing about security.
· Is Virtualization Secure?
· Is the Hypervisor a Security Weakness?
· Encapsulation
· Common Worries About Virtualization Security
· Types of Security Threats
· Impact of Virtualization of Security
· What is VMware Doing About Security?
· Regular Tasks a Good Admin Should Perform
Lesson 5 – Security Technologies
In this lesson you will learn technologies, features, and options for securing your vSphere environment. You will also learn how to control who has access to your virtual infrastructure as well as how to keep maintain that level of security for the long term.
· What Do I Need to Protect What?
· Pairing Assets to Security Technology
· vSphere Authentication
· Who Has Access to Your Environment?
· Creating Local VSphere Users
· VSphere Host Authentication
· Integration with Active Directory
· The VI Firewall
· Integrating Security in with the Hypervisor by Using VMsafe
· Using vShield to Secure Application and Guests
· Keeping Hosts and Guests Updated with Update Manager
Section 3: Security in Virtual Networks
Lesson 6 – vNetwork Security Architecture
This lesson will give you an overview of how security impacts the selection, deployment, and management of the vNetwork. Instructor Jason Nash also details recommendations and common mistakes seen in production environments.
· Deployment Types for Different Trust Zones
· Partially Collapsed with Separate Physical Trust Zones
· Partially Collapsed with Separate Virtual Trust Zones
· Fully Collapsed Trust Zones
· Top 10 Common Mistakes and Recommendations
· Security Considerations with the Standard vSphere vSwitch
· Security Considerations with the vSphere vdSwitch
· Layering Additional Functionally with the Cisco Nexus 1000v
· Protecting Your Management Communications
· Isolating Management
Lesson 7 – Securing vNetwork Configuration
Learn about implementing vNetwork security with features like VLANs, PVLANs, and trust zones. Also, you will get an introduction to using the Cisco Nexus 1000v Distributed Switch.
· Security Considerations in Your vNetwork Design
· Configuring the vNetwork for Different Trust Zones
· Implementing VLANs and Network Separation
· Using and Configuring Private VLANs (PVLANS)
· vSwitch Security Configuration
· Using and Configuring the vSphere dvSwitch
· Overview of the Cisco Nexus 1000v Distributed Switch
· Deployment and Configuration of the Cisco Nexus 1000v Distributed Switch
· Configure Physical and VM Port-Groups
Section 4: Protecting vCenter
Lesson 8 – Working with SSL Certificates
This lesson discusses how to use SSL Certificates, whether from a certificate authority or self signed, to secure vCenter communications.
· An Overview on How SSL Works and Why We Use It
· How VMware Uses SSL
· Example of an SSL Negotiation
· Let’s Talk About Digital Certificates
· Getting Rid of That Annoying SSL Warning when I Log into vCenter!
· Using Internal Versus Generating “Real” Certificates
· Protect Your Certificates!
· Installing Your Own Certificates
· About the Digital Certificate Files
· How to Replace Existing SSL Certificates
Lesson 9 – Hardening the vCenter Server System
Appling security’s triple A (Authentication, Authorization, and Accounting) to harden the underlying operating system, vCenter, and the vSphere Client. Finally, find out how to monitor vCenter logs to know that the infrastructure is secure.
· Authentication, Authorization, and Accounting with vCenter
· Best Practices for Deploying and Protecting vCenter
· Hardening the Underlying Operating System
· Don’t Forget the vSphere Client!
· Monitoring the vCenter Logs
Section 5: Protecting ESX/ESXi Host Systems
Lesson 10 – ESX and ESXi Security Architecture
In this lesson you will learn the difference between ESX Classic and ESXi Server when it comes to security. You will also learn about security at each layer of ESX/ESXi as well as how to secure the ESX service console.
· Why is ESXi More Secure Than ESX Classic – or is It?
· The Virtualization Layer, Virtual Network Layer, and Virtual Machine Layer
· What is the Service Console/Management Interface and Why Does it Need to Be Secured?
Lesson 11 – Controlling Access to Storage
Shared storage is required by advanced vSphere features. So, you implemented it and put all your virtual machines on it. But, is it secure? Learn how to secure fiber channel, iSCSI, and NFS vSphere storage.
· Common Security for All Protocols
· Fiber Channel: Zoning and LUN Masking
· iSCSI: CHAP and LUN Masking
· NFS (Network File System)
Lesson 12 – Hardening ESX and ESXi Host Systems
Based on the vSphere security hardening guide, this lesson shows you, step by step, how to take a base ESX/ESXi installation and give it heavy-duty security.
· ESX Hardening – User and Group Configuration
· Sudo
· Customize SSH
· Secure ESX Web Proxy
· Configuring Password Policies
· Configure the ESX Firewall
· ESXi Hardening – Enabling ESXi Lockdown Mode
· Tech Support and Remote Tech Support Configuration
· Common Hardening – Isolate the ESX/ESXi and vCenter Management Networks
· Enabling Certificate Checking in vCenter
· Configuring CA Signed Certificates
· Configure SSL Timeouts
Section 6: Hardening Virtual Machines
Lesson 13 – Virtual Machine Security Architecture
Find out the enhancements to security that virtualization brings, the challenges that virtualization introduces, and the common OS hardening needed for virtual machines.
· Virtual Machine Isolation
· Virtualization Security Enablers
· Virtualization Security Challenges
· Operating System Security Best Practices
Lesson 14 – Hardening Virtual Machines - Best Practices
Learn how to apply real-world proven virtual machine security practices in your infrastructure, step by step!
· Use a Firewall or Access Control Lists
· Use an Antivirus Solution
· Use VMware Update Manager
· Limit Who Has Console Access
· Do Not Use the VMCI if Possible
· Isolate VMotion and/or FT Networks
· Use vCenter Roles
· Use Virtual Machine Log Rotation
· Turn off or Disable Unneeded Services
· Turn on Auditing and/or Logging
Section 7: Standardizing ESX/ESXi Host Configurations
Lesson 15 – Using Host Profiles to Standardize ESX/ESXi Configuration
In this lesson you will learn how to use vSphere’s host profiles as a template to insure that new and existing ESX/ESXi hosts comply with security policies and best practices.
· How Host Profiles Help Secure ESX/ESXi
· What is Supported with Host Profiles
· What is Not Supported with Host Profiles
· Create, Apply, and Check Compliance with a Host Profile
Lesson 16 – Keeping Hosts and VMs Secure with Update Manager
VMware’s Update Manager (VUM) is a powerful vSphere security enabler that you can use to keep both hosts and virtual machines up to date with security patches. Find out how to do it, step by step.
· Using VMware Update Manager (VUM) to Help Secure ESX/ESXi and VMs
· Deployment Options for Update Manager
Section 8: vSphere Logging and Event Monitoring
Lesson 17 – Understanding and Managing vSphere Logs
A critical piece of any security monitoring is the proper monitoring and alerting of security events. Find out how to monitor vSphere security logs, how to retain those logs, and how to use vCenter alarms to make sure you know when security events occur.
· Monitoring Log Files for Security
· Where vSphere Stores Local Log Files
· Using Syslog for Logging Repository
· How to Monitor and Retain Log Files for Auditing Purposes
· Using vCenter Alarms for Security Monitoring
· Monitoring vSphere Configuration Files
· Aggregating Log Files – A Demo of Splunk
Section 9: Getting Started with Top vSphere Security Tools
Lesson 18 – vShield: Zones, App, and Edge
VMware’s vShield is a suite of virtualization security products designed to keep your virtual datacenters secure, ESXi hosts secure, the edge of the network secure, and even your VM apps secure. Find out how it works, what it can do for you, and how to implement vShield zones in your vSphere infrastructure.
· An Overview of the vShield Suite
· Centralized Management of the vShield Suite Using vShield Manager
· Protecting Virtual Machines with vShield Zones
· How vShield Zones Does Traffic Analysis
· Configuring vShield Zones Firewall Policies
· Enhancements Provided by vShield App
· Deploy the vShield Manager
· Deploy Agent VMs
· Moving VMs Between Protected and Unprotected Hosts
· Using vShield Edge to Provide Multi-tenancy Security
· Putting All of the Pieces Together, Deploying the vShield Suite for Maximum Benefit
Lesson 19 – vShield: Endpoint and Trend Micro Deep Security
vShield endpoint provides third-party companies the ability to perform revolutionary virtual network security. You will learn how vShield endpoint works and how you would use Trend Micro’s Deep Security for vSphere to ensure your virtual infrastructure is virus-free without installing any anti-virus agents on your virtual machines.
· What is vShield Endpoint?
· An Overview of Trend Micro’s Deep Security
· Pros and Cons
· Deployment Steps
· Deploy Endpoint
· Install Deep Security Manager
· Prepare the vSphere Host and Deploy an Agent VM
· Install Drivers on the Guest and Activate the Guest to Be Managed
· Configure Anti-malware and Intrusion Prevention Functionality
· Where/When Would I Use Deep Security?
Lesson 20 – Hytrust Appliance
One of the most popular and useful third-party virtual infrastructure security solutions is the Hytrust appliance. Learn how it can help you and how it works in this lesson.
· An Overview of Hytrust
· Pros and Cons
· Hytrust Installation Demo
· Where/When Would I Use Hytrust
Lesson 21 – Compliance and vCenter Configuration Manager
VMware’s vCenter compliance and configuration manager ensures that the virtual infrastructure is never misconfigured or insecure by automatically detecting and comparing changes to policies. Learn how it works and how you would use it to maintain configuration security and compliance. Additionally, find out how to use VMware’s free compliance checker.
· What is Compliance?
· How Do We Do Compliance?
· Why is Compliance Important?
· Tools for Managing Compliance
· About VMware Configuration Manager
· VMware’s Compliance Checker for vSphere and PCI Compliance Checker
· Installing and Running Free Compliance Checking Tools
Section 10: Course Conclusion
Lesson 22 – Next Steps
In this lesson David Davis provides direction for what to do now that you have completed this course including additional resources for further study.
· What is Your Next Step?
· We Value Your Opinion
==================================================
This DVDs are only suitable for a PC/laptop/Mac; it WILL NOT play on a TV
==================================================
This DVDs are only suitable for a PC/laptop/Mac; it WILL NOT play on a TV
==================================================
Payment mode : Pay on my account ,Buying via eBay or Paypal
Shipping : By Courier through all over India
Shipping charge : Rs 50/- Flat Rate shipping anywhere in India
You can get with in two days
Any Advanced Graphic Design Software Tutorials, IT Software Tutorials, Multimedia Software Tutorials, All Engineering purpose Software Tutorials & All Software Tutorials Available
For more details
Email : digitalcollections4u@gmail.com
https://www.facebook.com/TutorialsDvDs
Shipping : By Courier through all over India
Shipping charge : Rs 50/- Flat Rate shipping anywhere in India
You can get with in two days
Any Advanced Graphic Design Software Tutorials, IT Software Tutorials, Multimedia Software Tutorials, All Engineering purpose Software Tutorials & All Software Tutorials Available
For more details
Email : digitalcollections4u@gmail.com
https://www.facebook.com/TutorialsDvDs
No comments:
Post a Comment