Book Image

VMware vSphere Security Cookbook

By : Michael Greer
Book Image

VMware vSphere Security Cookbook

By: Michael Greer

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
VMware vSphere Security Cookbook
Michael Greer
Nov, 2014 | 334 pages
No titles found
Table of Contents (20 chapters)
VMware vSphere Security Cookbook
VMware vSphere Security Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Threat and Vulnerability Overview
Threat and Vulnerability Overview
Introduction
Risk overview
Hypervisor threats
Hypervisor vulnerabilities
Guest virtual machine threats
Guest virtual machine vulnerabilities
Network threats
Network vulnerabilities
Storage threats
Storage vulnerabilities
Physical threats
Physical vulnerabilities
Security concepts
Summary
2
ESXi Host Security
ESXi Host Security
Introduction
Hardening the host via Console
Hardening the host via vSphere Client
Configuring host services
Configuring the host firewall
3
Configuring Virtual Machine Security
Configuring Virtual Machine Security
Introduction
Configuring administrative access options
Securing the guest OS
Guest virtual machine hardening
Configuring virtual machine resource isolation
Configuring the standard image templates
Managing snapshots
4
Configuring User Management
Configuring User Management
Introduction
Configuring vCenter Single Sign-On
Managing Single Sign-On users with vSphere Web Client
Configuring Active Directory integration
Managing Active Directory users and groups
Assigning permissions
Assigning administrative roles
5
Configuring Network Security
Configuring Network Security
Introduction
Configuring Standard vSwitch security
Configuring the port group security
Configuring VLANs
Creating DMZ networks
Providing Distributed vSwitch security options

Configuring PVLANs
6
Configuring Storage Security
Configuring Storage Security
Introduction
Configuring network isolation
Configuring iSCSI security
Configuring Header and Data Digest
7
Configuring vShield Manager
Configuring vShield Manager
Introduction
Installing vShield Manager OVA
Configuring vShield Manager settings
Adding vShield licensing to vCenter
Configuring SSL Security for Web Manager
Configuring Single Sign-On
Configuring user accounts and roles
Configuring services and service groups
8
Configuring vShield App
Configuring vShield App
Introduction
Installing vShield App
Configuring vShield App using the Web Console
Configuring vShield App Flow Monitoring
Configuring vShield App Firewall
Configuring vShield App SpoofGuard
9
Configuring vShield Edge
Configuring vShield Edge
Introduction
Installing vShield Edge
Managing appliances
Managing interfaces
Managing certificates and revocation lists
Managing firewall rules
Managing NAT rules and static routes
Managing the IPSec VPN service
Managing SSL VPN-Plus
Configuring the load-balancing service
10
Configuring vShield Endpoint
Configuring vShield Endpoint
Introduction
Installing vShield Endpoint
Configuring vShield Endpoint using an antivirus
11
Configuring vShield Data Security
Configuring vShield Data Security
Introduction
Installing vShield Data Security
Configuring the vShield Data Security policies
Managing vShield Data Security reports
12
Configuring vSphere Certificates
Configuring vSphere Certificates
Introduction
Configuring a Windows CA template
Requesting certificates from a Windows CA
Using SSL Certificate Automation Tool 5.5
Process certificate requests
Registering the Single Sign-On certificate
Registering the Inventory Service certificate
Registering the vCenter certificate
Registering the Web Client certificate
Registering the Log Browser certificate
Registering the Update Manager certificate
Installing an ESXi host certificate
13
Configuring vShield VXLAN Virtual Wires
Configuring vShield VXLAN Virtual Wires
Introduction
Prerequisites for configuring VXLAN virtual wires
Configuring VXLAN virtual wires
Testing VXLAN virtual wires
Configuring firewall rules for VXLAN virtual wires
Index
Index

Risk overview

The risk equation is composed of three components: threat, vulnerability, and cost.

Risk = Threat x Vulnerability x Cost

In brief, Cost is the damage measured in currency, as experienced in the loss of hardware or software. The cost also includes consulting hours or quantifiable staff time spent in remediating the damages caused. While cost is a key factor in the risk formula, it falls outside the scope of this book. Please refer to sites such as http://www.isaca.org for further information on risk and risk management.

The Threat component of the risk equation is measured in frequency or rate. For example, the threat of a user deleting a file will be greatly reduced if a user only has read permission on the file. By the same token, an organization with 10,000 computers has a much higher potential threat of a virus infection than an organization with 1,000 computers.

While there are threats associated specifically with the virtualization environment, a great deal of risk is caused by the misconfiguration of systems and policies. With the added complexity of virtualization comes additional layers that need to be addressed in order to make the environment secure. Without end-to-end security communication in the Storage Area Network (SAN), the storage switch, hypervisor host, and virtual machine are at risk. Likewise, communication between virtual networking components and physical networking components presents many opportunities for misconfiguration, thereby leading to the opportunity for a security breach.

The Vulnerability component, at a broad level, is measured as a percentage, which is similar to the case of a threat. The term vulnerability is most closely tied to a known deficiency or bug that presents a clear vector for compromise, and as such, caries a likelihood of 100 percent if the system is not patched to protect against said exploit.

Considering the risk equation, vulnerability is the component that has the most control. Vulnerabilities in the hypervisor platform will typically be patched by the vendor, in this case, VMware. By utilizing tools such as Update Manager, system administrators are able to keep the host systems patched in a timely and regular manner.

During the software patching cycle, it's important to do proper testing before applying a patch to a production system. This is even more critical for virtualized systems since a single virtualized host can hold a large number of virtual machines and thus will be affected adversely by a patch crippling a host.

Normal network vulnerabilities are still present in a virtualized environment. The mix between virtual networking and physical networking can present a different set of vulnerabilities based on the environment. It is important for the networking team and the server virtualization team to work together in order to ensure that both the physical and virtual networks are correctly configured and secure.

Understanding defense-in-depth

In addition to risk is the concept of defense-in-depth. The defense-in-depth model uses a layered approach, which not only increases the attacker's risk of detection but also reduces an attacker's chance of success. Defending the organization in depth means the application of a combination of people, processes, and technology to protect against threats at each layer. A good defense-in-depth architecture will build each layer of the security under the assumption that the other layer has been breached. If one layer is missing something, another layer might stop it and thereby stop the attacker.

In brief, the model consists of a series of interconnected components. The fundamental layer of policy and procedure affects every other layer. This layer includes both security policies and security procedures, as shown in the following figure:

The next layer is the Physical Security layer. This layer encompasses the remaining layers and includes secure facilities, mantraps, surveillance, and biometric identification devices.

The traditional host layer is now broken up into the virtual host and the virtual machine. The virtual host, also known as the hypervisor, includes signed drives, a secured kernel layer, and minimal management attack surfaces. The virtual machine layer includes the guest operating system, host hardening, patch management, and strong authentication. The guest operating system might also include a host-based firewall, intrusion detection system, and disk encryption system.

The data layer of the defense-in-depth model includes Access Control Lists (ACLs) and encryption.

The application layer includes hardening practices such as mechanisms to prevent SQL injection, as an example.

The network layer consists of an internal network and perimeter layers. These layers are traditionally separated by a security device such as a firewall. In a virtualized environment, both an internal network and a perimeter network can and often do reside within the same set of virtual host machines. In a complex networking scheme, it's even more critical to ensure that trusted network traffic and untrusted network traffic are properly separated in the virtual environment.

In a traditional physical environment, overall security is often more difficult to achieve, simply because there are more components and the risk of misconfiguration is higher. For example, securing a mission-critical application is more efficient when the majority of components are virtual and can be configured together by a team or an individual. In a physical environment, the same tasks could span numerous individuals around the globe. The virtual environment provides the administrator with an encapsulated landscape, which provides a better structure for tracking critical components.

The remainder of this chapter will highlight the threats and vulnerabilities to core services utilized in a virtualization environment, including storage, networks, hypervisors, virtual machines, and physical security.

Previous Section
End of Section 3
Next Section