Vmware Vsphere and Virtual Infrastructure Security Securing the Virtual Environment

ISBN-10: 0137158009

ISBN-13: 9780137158003

Edition: 2009

List price: $54.99
eBook available
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy


eBooks Starting from $39.99
Buy eBooks
what's this?
Rush Rewards U
Members Receive:
You have reached 400 XP and carrot coins. That is the daily max!
Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Business Ethics Online content $4.95 $1.99
Add to cart
Study Briefs
Business Law Online content $4.95 $1.99
Add to cart
Study Briefs
Management Online content $4.95 $1.99
Customers also bought

Book details

List price: $54.99
Copyright year: 2009
Publisher: Prentice Hall PTR
Publication date: 6/22/2009
Binding: Paperback
Pages: 552
Size: 7.25" wide x 9.75" long x 1.25" tall
Weight: 1.980
Language: English

Edward L. Haletky graduated from Purdue University in 1988 with a degree in Aeronautical and Astronautical Engineering. Since then, he has worked programming graphics and other low-level libraries on various UNIX platforms. He currently works for Hewlett-Packard in the High Performance Technical Computing Expert Team, dealing with Tru64 and Linux Clustering technologies, as well as general Linux and VMware environments. Edward has also published articles about interoperability, clustering, and security issues for Linux. Background: Assist customers in solving Compaq Tru64 UNIX, and LINUX Operating System, compiler, shell, and application related issues. Assist customers in the programming and maintenance of Sierra and Beowulf Clusters. Created customer tools for information gathering of installed software for Linux and Tru64. Act as a mentor for new employees. Participate in continuing education in the fields LINUX Security, Clustering, tools, desktops, and applications. Education: BS in Aeronautical and Astronautical Engineering from Purdue University in 1

What Is a Security Threat?
The 10,000 Foot View without Virtualization
The 10,000 Foot View with Virtualization
Applying Virtualization Security
The Beginning of the Journey
Holistic View from the Bottom Up
Attack Goals
Anatomy of an Attack
Footprinting Stage
Scanning Stage
Enumeration Stage
Penetration Stage
Types of Attack
Buffer Overflows
Heap Overflows
Web-Based Attacks
Layer 2 Attacks
Layer 3 Nonrouter Attacks
DNS Attacks
Layer 3 Routing Attacks
Man in the Middle Attack (MiTM)
Understanding VMware vSphere<sup>TM</sup> and Virtual Infrastructure Security
Hypervisor Models
Hypervisor Security
Secure the Hardware
Secure the Management Appliance
Secure the Hypervisor
Secure the Management Interfaces
Secure the Virtual Machine
Storage and Security
Storage Connections within the Virtual Environment
Storage Area Networks (SAN)
Network Attached Storage (NAS)
Internet SCSI (iSCSI) Servers
Virtual Storage Appliances
Storage Usage within the Virtual Environment
VM Datastore
Ancillary File Store
Backup Store
Tape Devices
Storage Security
Data in Motion
Data at Rest
Storage Security Issues
VCB Proxy Server
SCSI reservations
Fibre Channel SAN (Regular or NPIV)
CIFS for Backups
Shared File Access over Secure Shell (SSH) or Secure Copy Use
FTP/R-Command Usage
Clustering and Security
Types of Clusters
Standard Shared Storage
RAID Blade
VMware Cluster
Virtual Machine Clusters
Security Concerns
VMware Cluster Protocols
VMware Hot Migration Failures
Virtual Machine Clusters
Deployment and Management
Management and Deployment Data Flow
VIC to VC (Including Plug-Ins)
VIC to Host
VC webAccess
ESX(i) webAccess
VI SDK to Host
RCLI to Host
SSH to Host
Console Access
Lab Manager
Site Manager
LifeCycle Manager
VMware Update Manager
Management and Deployment Authentication
Difference Between Authorization and Authentication
Mitigating Split-Brain Authorization and Authentication
Security of Management and Deployment Network
Using SSL
Using IPsec
Using Tunnels
Using Deployment Servers
Security Issues during Management and Deployment
VIC Plug-ins
VMs on the Wrong Network
VMs or Networks Created Without Authorization
VMs on the Wrong Storage
VMs Assigned to Improper Resource Pools
Premature Propagation of VMs from Quality Assurance to Production
Physical to Virtual (P2V) Crossing Security Zones
Operations and Security
Monitoring Operations
Host Monitoring
Host Configuration Monitoring
Performance Monitoring
Virtual Machine Administrator Operations
Using the Wrong Interface to Access VMs
Using the Built-in VNC to Access the Console
Virtual Machine Has Crashed
Backup Administrator Operations
Service Console Backups
Network Backups
Direct Storage Access Backups
Virtual Infrastructure Administrator Operations
Using Tools Across Security Zones
Running Commands Across All Hosts
Management Roles and Permissions Set Incorrectly
Virtual Machines and Security
The Virtual Machine
Secure the Virtual Hardware
Secure the Guest OS and Application
Secure the Hypervisor Interaction Layer
Virtual Machine Administration
Virtual Machine Creation
Virtual Machine Modification
Virtual Machine Deletion
Virtual Networking Security
Virtual Networking Basics
Basic Connections
802.1q or VLAN Tagging
Security Zones
Standard Zones
Best Practices
Virtualization Host with Single or Dual pNIC
Three pNICs
Four pNICs
Five pNICs
Six pNICs
Eight pNICs
Ten pNICs
pNIC Combination Conclusion
DMZ on a Private vSwitch
Use of Virtual Firewall to Protect the Virtualization Management Network
VMware as a Service
Intrusion Detection and Prevention
Auditing Interfaces
Virtual Desktop Security
What Is VDI?
VDI Products
VDM's Place in the Network
The VDM Connection Server
The VDM Client
The VDM Web Access Client
The VDM Agent for Virtual Desktops
Security Implications
VMware View
Linked Clones: What Are They and How Do They Change Security?
Storage Overcommit
Overview of Linked Clones
Protecting the VC
Offline Desktops
SSL in a VDM or View Environment
Secure VDI Implementation
Secure the Virtual Desktop
Security and VMware ESX
VMware ESXi Hardening Recipe
VMware ESX Hardening Recipe
Root Password
Shadow Password
IPtables Firewall
Lockdown by Source IP
Run Security Assessments
Apply Hardening per Assessments
Additional Auditing Tools
Digital Forensics and Data Recovery
Data Recovery
Data Recovery-Host Unavailable
Data Recovery-Corrupt LUN
Data Recovery-Re-create LUN
Data Recovery-Re-create Disk
Digital Forensics
Digital Forensics-Acquisition
Digital Forensics-Analysis
Digital Forensics-Who Did What, When, Where, and How?
Conclusion: Just the Beginning: The Future of Virtualization Security
Patches to Bastille Tool
Security Hardening Script
Assessment Script Output
CIS-CAT Output
Bastille-Linux Output
Tripwire ConfigCheck Output
Suggested Reading and Useful Links
Useful Links
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.