VMware vSphere Security Design: Security Basics
Part 1 of 3 in the VMware vSphere Security Design series focuses on the essential security concepts in VMware virtualization.
What you'll learn
Part 1 of 3 in the VMware vSphere Security Design series focuses on the essential security concepts in VMware virtualization. The goal of this course is to take you beyond basic implementation, configuration, and administration of VMware vSphere and teach you the skills needed to properly secure a vSphere environment. You’ll learn information security and risk management concepts, how virtualization affects security, guidelines and best practices for securing a virtual environment, and securing virtual machines. This course is recommended for those who have existing VMware vSphere knowledge who want to enhance their security knowledge.
Table of contents
- Introduction 2m
- The Many Layers of Security in a Virtual Environment 5m
- The Fundamentals: A Security Primer 3m
- AAA Authentication, Authorization, and Accounting 5m
- Standard Terminology 6m
- CIA: Confidentiality, Integrity, and Availability 5m
- The Different Shapes and Sizes of Potential Attackers 6m
- The Steps of an Attempted Attack 3m
- The Process for Developing and Maintaining Good Security 3m
- Security Tools 6m
- What We Covered 2m
- Introduction 1m
- Is Virtualization Secure? 9m
- Is The Hypervisor a Security Weakness? 1m
- Encapsulation 2m
- Common Worries About virtualization Security 3m
- Types of Security Threats 2m
- Impact of Virtualization of Security 3m
- What is VMware Doing About Security? 2m
- Regular Tasks a Good Admin Should Perform 2m
- What We Covered 3m
- What Do I Need to Protect What? 3m
- Pairing Assets to Security Technology 4m
- vSphere Authentication 2m
- Who Has Access to Your Environment? 2m
- Creating Local VSphere Users 3m
- VSphere Host Authentication 2m
- Integration with Active Directory 5m
- The VI Firewall 1m
- Integrating Security in with the Hypervisor by Using VMsafe 1m
- Using vShield to Secure Application and Guests 2m
- Keeping Hosts and Guests Updated with Update Manager 1m
- What We Covered 2m
- Introduction 1m
- Deployment Types for Different Trust Zones 3m
- Partially Collapsed with Separate Physical Trust Zones 3m
- Partially Collapsed with Separate Virtual Trust Zones 2m
- Fully Collapsed Trust Zones 2m
- Top 10 Common Mistakes and Recommendations 6m
- Security Considerations with the Standard vSphere vSwitch 3m
- Security Considerations with the vSphere vdSwitch 1m
- Layering Additional Functionally with the Cisco Nexus 1000v 3m
- Protecting Your Management Communications 2m
- Isolating Management 1m
- What We Covered 2m
- Introduction 2m
- Security Considerations in Your vNetwork Design 5m
- Configuring the vNetwork for Different Trust Zones 1m
- Implementing VLANs and Network Separation 13m
- Using and Configuring Private VLANs (PVLANS) 6m
- vSwitch Security Configuration 4m
- Using and Configuring the vSphere dvSwitch 21m
- Overview of the Cisco Nexus 1000v Distributed Switch 7m
- Deploy and Configure of the Cisco Nexus 1000v Distributed Switch 17m
- Configure Physical Ports and VM Port-Groups 25m
- What We Covered 3m
- Introduction 1m
- An Overview on How SSL Works and Why We Use It 5m
- How VMware Uses SSL 1m
- Example of an SSL Negotiation 2m
- Let's Talk About Digital Certificates 2m
- Getting Rid of That Annoying SSL Warning in vCenter! 1m
- Using Internal Versus Generating 'Real' Certificates 2m
- Protect Your Certificates! 2m
- Installing Your Own Certificates 1m
- About the Digital Certificate Files 1m
- How to Replace Existing SSL Certificates 14m
- What We Covered 2m
About the authors
Jason Nash has over 15 years of industry experience and is currently the Data Center Solutions Principal at Varrow, a leader in virtualization, storage, and DR located in the southeast. Before Varrow, Jason was a Platform Architect at a large investment bank where he helped to develop the organization's IT strategy. He has published several books on networking, Windows, and Linux. Jason was designated a vExpert by VMware and holds a BS in Networking Technology and a MS in Information Security.
David has authored over 100 courses for Pluralsight.com around enterprise data center technologies such as cloud computing, virtualization, and (especially) VMware vSphere. He is a partner at ActualTechMedia.com where he creates compelling enterprise technology content, moderates online events, and helps to connect some of the best-known technology companies in the industry with the end user community. With over 20 years in enterprise technology, he has served as an IT Manager, administrator, an... more