Book Image

VMware View Security Essentials

By : Daniel Langenhan
Book Image

VMware View Security Essentials

By: Daniel Langenhan

Overview of this book

Most people associate security with network security and focus on firewalls and network monitoring. However, there is more to security than that. Security starts with the establishment of a stable environment, protecting this environment not only from intrusion, but also from malicious intent. It is about tracking the issue and recovering from it. These elements of security are what this book aims to address. VMware View Security Essentials addresses the topic of security in the corporate environment in a new way. It starts with the underlying virtual infrastructure and then delves into securing your base, your connection, and your client. This is not only a “how-to” book, but is also a book that explains the background and the insights of View security for the experienced professional's desktop virtualization. This book takes you through the four major View security areas. Each area deals with all the aspects of security and explains the background as well as laying out simple-to-follow recipes to implement a higher security standard. We start at the Virtualization base and work our way through the various View server types. We will then dive into the problems and issues of securing a connection before we address the security of the desktop itself. We conclude with a look into the backing up of our View installation and preparing for disaster recovery.
Table of Contents (12 chapters)

SSL certificates

All vSphere components and for that matter all View components communicate via a secure connection using SSL certificates. The following diagram shows all the API (HTTPS SSL secured) connections between the different layers:

All VMware products automatically create certificates during installation. However, when using certificates that have been issued from a Certificate Authority (CA), you make sure that no man-in-the-middle attack can occur. For this, we have to exchange the VMware self-signed SSL certificates that VMware uses by default with CA signed certificates.

Certificates improve not only the security for inter-server communication, but especially the client-server connectivity.

In this section we will see how we can import SSL certificates. If you don't have any trusted certificate, I will quickly show you how you get an Active Directory (AD) CA signed certificate.

Creating a Certificate Authority (CA) and obtaining a certificate

If you do not have a valid signed certificate...