Overview

            One of today's most rapidly-evolving and widely-deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. More and more organizations are deploying desktop, application and network virtualization, as well. There are even security benefits of virtualization - easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.

Duration:

06 days

Who should attend

• Security personnel who are tasked with securing virtualization and private cloud infrastructure
• Network and systems administrators who need to understand how to architect, secure and maintain virtualization and cloud technologies
• Technical auditors and consultants who need to gain a deeper understanding of VMware virtualization from a security and compliance perspective

You will be able to

• Lock down and maintain a secure configuration for all components of a virtualization environment
• Design a secure virtual network architecture
• Evaluate virtual firewalls, intrusion detection and prevention systems, and other security infrastructure
• Evaluate security for private and hybrid cloud environments
• Perform vulnerability assessments and penetration tests in virtual and private cloud environments, and acquire forensic evidence
• Perform audits and risk assessments within a virtual or private cloud environment

Certificate

 Class completion certificate is issued by Robusta.

Course contents

1. Virtualization Security Architecture and Design

• Virtualization components and architecture designs
• Different types of virtualization, ranging from desktops to servers and applications
• Hypervisor lockdown controls for VMware, Microsoft Hyper-V, and Citrix Xen
• Virtual network design cases, with pros and cons of each
• Virtual switches and port groups, with security options available
• Available commercial and open-source virtual switches, with configuration options
• Segmentation techniques, including VLANs and PVLANs
• Virtual machine security configuration options, with a focus on VMware VMX files

2.    Virtualization and Private Cloud Infrastructure Security

• Storage security and design considerations
• How to lock down management servers and clients for vCenter, XenServer, and Microsoft SCVMM
• Security design considerations for Virtual Desktop Infrastructure (VDI)
• Security-focused use cases for VDI
• Private cloud security architecture
• Configuration options for securing private cloud components
• Specific private cloud models and how security applies to each of them
• Virtual firewalls and network access controls
• Commercial and open-source virtual firewalls
• Designing intrusion detection for virtual environments and the private cloud
• Setting up promiscuous interfaces and traffic capture in a virtual environment
• Host-based IDS/IPS for virtualization

3.     Virtualization Offense and Defense (Part I)

• Attack models that pertain to virtualization and cloud environments
• Penetration testing cycles with a focus on virtualization and cloud attack types
• Specific virtualization platform attacks and exploits
• How to modify vulnerability management processes and scanning configuration to get the best results in virtualized environments
• How to use attack frameworks like VASTO, Virtualization Assessment Toolkit to exploit virtualization systems
• How to implement intrusion detection tools and processes in a virtual environment
• What kinds of logs and logging are most critical for identifying attacks and live incidents in virtual and cloud environments

4. Virtualization Offense and Defense (Part II)

• How anti-malware tools function in virtual and cloud environments
• What kinds of new tools and tactics are available for effective anti-malware operations in the cloud and virtual machines
• Pulling Netflow and packet data from virtual environments for analysis
• How forensics processes and tools should be used and adapted for virtual systems
• What tools are best to get the most accurate results from virtual machine system analysis
• How to most effectively capture virtual machines for forensic evidence analysis
• What can be done to analyze hypervisor platforms, and what does the future of virtual machine forensics hold?

5.    Virtualization and Cloud Integration: Policy, Operations and Compliance

• How security can adapt to accommodate virtualization infrastructure
• How virtualization tools and technology can augment and facilitate security
• A simple, bulletproof risk assessment strategy for virtualization and private cloud environments
• Threats, vulnerabilities and impacts to consider when evaluating virtualization and private cloud technologies
• New and updated policies needed for virtualization and cloud environments
• Service-level agreements and performance considerations for cloud operations
• Governance models for private clouds
• Encryption tools and techniques for securing mobile virtual machines
• Data lifecycle policies and processes to ensure virtual machines and their data are monitored and updated
• Identity and access management fundamentals for private clouds
• Scripting for automation with shell scripts, as well as vSphere CLI and PowerCLI
• In-depth disaster recovery and business continuity planning processes and capabilities that virtualization and private clouds can augment

6: Auditing and Compliance for Virtualization and Cloud

• Assessment and audit plans for virtualization and private cloud components
• Key configuration controls from the leading hardening guides from DISA, CIS, VMware, and Microsoft
• Scripting techniques in VI CLI for automating audit and assessment processes
• Sample scripts that help implement key audit functions
• Compliance mandates and how you can institute controls in both virtualization and cloud infrastructure to satisfy requirements