Virtualization and Private Cloud Security Training

Print Friendly, PDF & Email

Introduction:

Virtualization and Private Cloud Security Training Course Hands-on

One of today's most rapidly-evolving and widely-deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. More and more organizations are deploying desktop, application and network virtualization, as well. There are even security benefits of virtualization - easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.
Virtualization Vulnerabilities

With these benefits comes a dark side, however. Virtualization technology is the focus of many new potential threats and exploits, and presents new vulnerabilities that must be managed. In addition, there are a vast number of configuration options that security and system administrators need to understand, with an added layer of complexity that has to be managed by operations teams. Virtualization technologies also connect to network infrastructure and storage networks, and require careful planning with regard to access controls, user permissions and traditional security controls.

In addition, many organizations are evolving virtualized infrastructure into private and hybrid clouds - shared services running on virtualized infrastructure. Security architecture, policies, and processes will need to be adapted to work within a cloud infrastructure, and there are many changes that security and operations teams will need to accommodate to ensure assets are protected

Customize It

● We can adapt this course to your group’s background and work requirements at little to no added cost.
● If you are familiar with some aspects of this Virtualization and Private Cloud Security Training course, we can omit or shorten their discussion.
● We can adjust the emphasis placed on the various topics or build the course around the mix of technologies of interest to you (including technologies other than those included in this outline).
● If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the course in manner understandable to lay audiences.

Audience / Target Group

• Security personnel who are tasked with securing virtualization and private cloud infrastructure
• Network and systems administrators who need to understand how to architect, secure and maintain virtualization and cloud technologies
• Technical auditors and consultants who need to gain a deeper understanding of VMware virtualization from a security and compliance perspective

Virtualization and Private Cloud Security Training Related Courses

Duration: 5 days

Prerequisites

Objectives:

After completing this Virtualization and Private Cloud Security Training course, attendees will be able to:

• Best practices for configuring and designing virtual security controls and infrastructure
• Vulnerabilities and threats related to virtual infrastructure and cloud environments
• How the network security landscape (products and architecture) is changing with virtualization and private clouds
• New vulnerability assessment and forensic techniques to use within a virtual environment
• How scripting and automation can assist with audits in a virtual environment

Course Content:

  SEC579.1: Virtualization Security Architecture and Design

Virtualization components and architecture designs
Different types of virtualization, ranging from desktops to servers and applications
Hypervisor lockdown controls for VMware, Microsoft Hyper-V, and Citrix Xen
Virtual network design cases, with pros and cons of each
Virtual switches and port groups, with security options available
Available commercial and open-source virtual switches, with configuration options
Segmentation techniques, including VLANs and PVLANs
Virtual machine security configuration options, with a focus on VMware VMX files

Virtualization and Private Cloud Infrastructure Security

Storage security and design considerations
How to lock down management servers and clients for vCenter, XenServer, and Microsoft SCVMM
Security design considerations for Virtual Desktop Infrastructure (VDI)
Security-focused use cases for VDI
Private cloud security architecture
Configuration options for securing private cloud components
Specific private cloud models and how security applies to each of them
Virtual firewalls and network access controls
Commercial and open-source virtual firewalls
Designing intrusion detection for virtual environments and the private cloud
Setting up promiscuous interfaces and traffic capture in a virtual environment
Host-based IDS/IPS for virtualization

Virtualization Offense and Defense (Part I)

Attack models that pertain to virtualization and cloud environments
Penetration testing cycles with a focus on virtualization and cloud attack types
Specific virtualization platform attacks and exploits
How to modify vulnerability management processes and scanning configuration to get the best results in virtualized environments
How to use attack frameworks like VASTO, Virtualization Assessment Toolkit to exploit virtualization systems
How to implement intrusion detection tools and processes in a virtual environment
What kinds of logs and logging are most critical for identifying attacks and live incidents in virtual and cloud environments

Virtualization Offense and Defense (Part II)

How anti-malware tools function in virtual and cloud environments
What kinds of new tools and tactics are available for effective anti-malware operations in the cloud and virtual machines
Pulling Netflow and packet data from virtual environments for analysis
How forensics processes and tools should be used and adapted for virtual systems
What tools are best to get the most accurate results from virtual machine system analysis
How to most effectively capture virtual machines for forensic evidence analysis
What can be done to analyze hypervisor platforms, and what does the future of virtual machine forensics hold?

Virtualization and Cloud Integration: Policy, Operations and Compliance

How security can adapt to accommodate virtualization infrastructure
How virtualization tools and technology can augment and facilitate security
A simple, bulletproof risk assessment strategy for virtualization and private cloud environments
Threats, vulnerabilities and impacts to consider when evaluating virtualization and private cloud technologies
New and updated policies needed for virtualization and cloud environments
Service-level agreements and performance considerations for cloud operations
Governance models for private clouds
Encryption tools and techniques for securing mobile virtual machines
Data lifecycle policies and processes to ensure virtual machines and their data are monitored and updated
Identity and access management fundamentals for private clouds
Scripting for automation with shell scripts, as well as vSphere CLI and PowerCLI
In-depth disaster recovery and business continuity planning processes and capabilities that virtualization and private clouds can augment

Auditing and Compliance for Virtualization and Cloud

Assessment and audit plans for virtualization and private cloud components
Key configuration controls from the leading hardening guides from DISA, CIS, VMware, and Microsoft
Scripting techniques in VI CLI for automating audit and assessment processes
Sample scripts that help implement key audit functions
Compliance mandates and how you can institute controls in both virtualization and cloud infrastructure to satisfy requirements

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment