
VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment

Author: Edward L. Haletky
Language: English. Paperback – Jun 2009
VMware Virtual Infrastructure Security
Securing ESX and the Virtual Environment
Edward L. Haletky
Complete Hands-On Help for Securing VMware Infrastructure, by Ed Haletky, Author of the #1 VMware ESX Deployment Guide
As VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms.
This book reflects the same hands-on approach that made Haletky's VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn't just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem.
VMware Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures. Coverage includes:
· Viewing virtualization from the attacker's perspective, and understanding the new security problems it can introduce
· Addressing VMware security holistically, with solutions that encompass all of your VMware and third-party virtualization products
· Discovering which security threats the vmkernel does (and doesn't) address
· Learning how VMsafe enables third-party security tools to access the vmkernel API
· Understanding the security implications of VMI, paravirtualization, and VMware Tools
· Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more
· Protecting clustered VI3 environments that use VMware High Availability, Dynamic Resource Scheduling, vMotion, and Storage vMotion
· Securing the deployment and management of virtual machines across the network
· Mitigating risks associated with backup, performance management, and other day-to-day operations
· Using multiple security zones and other advanced virtual network techniques
· Securing Virtual Desktop Infrastructure (VDI)
· Auditing virtual infrastructure, and conducting forensic investigations after a possible breach
Until now, VMware professionals have struggled to find coherent, usable information for securing virtual infrastructure. This book fills that gap, providing realistic best practices for protecting even the most complex VMware environment.
Edward L. Haletky owns AstroArch Consulting, Inc., which specializes in providing virtualization, security, network consulting and development services. He has attained "virtuoso" status on the VMware Discussion Forums for his work answering security and configuration questions. His first book, VMware ESX Server in the Enterprise, has been a consistent VMware bestseller. He formerly served on HP's Virtualization, Linux, and High-Performance Technical Computing teams.
Tim Pierson speaks regularly on security and virtualization issues at the Pentagon and at top events including Novell's Brainshare, Innotech, and GISSA. He is co-author of Global Knowledge Windows 2000 Boot Camp. Tom Howarth moderates the VMware Communities forum, and owns TCA Consulting and PlanetVM.Net. He regularly designs enterprise-class virtualization projects, and received the VMware vExpert 2009 award.
informit.com/ph


This book is out of print.


Specifications

ISBN-13: 9780137158003
ISBN-10: 0137158009
Pages: 521
Illustrations: illustrations
Dimensions: 175 x 231 x 30 mm
Weight: 0.89 kg
Edition: 1
Publisher: Prentice Hall PTR
Place of publication: Upper Saddle River, United States

Description

Complete Hands-On Help for Securing VMware vSphere and Virtual Infrastructure by Edward Haletky, Author of the Best Selling Book on VMware, VMware ESX Server in the Enterprise
 
As VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms, including the new cloud computing platform, vSphere.
 
This book reflects the same hands-on approach that made Haletky’s VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn’t just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem.
 
VMware vSphere and Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures.

Coverage includes
•    Viewing virtualization from the attacker’s perspective, and understanding the new security problems it can introduce
•    Discovering which security threats the vmkernel does (and doesn’t) address
•    Learning how VMsafe enables third-party security tools to access the vmkernel API
•    Understanding the security implications of VMI, paravirtualization, and VMware Tools
•    Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more
•    Protecting clustered virtual environments that use VMware High Availability, Dynamic Resource Scheduling, Fault Tolerance, vMotion, and Storage vMotion
•    Securing the deployment and management of virtual machines across the network
•    Mitigating risks associated with backup, performance management, and other day-to-day operations
•    Using multiple security zones and other advanced virtual network techniques
•    Securing Virtual Desktop Infrastructure (VDI)
•    Auditing virtual infrastructure, and conducting forensic investigations after a possible breach
 
 
informit.com/ph   |   www.Astroarch.com

Contents

1  WHAT IS A SECURITY THREAT?    1
The 10,000 Foot View without Virtualization   2
The 10,000 Foot View with Virtualization    4
Applying Virtualization Security    5
Definitions    10
Threat    11
Vulnerability    11
Fault    11
The Beginning of the Journey    12
2  HOLISTIC VIEW FROM THE BOTTOM UP    15
Attack Goals    16
Anatomy of an Attack    17
Footprinting Stage    17
Scanning Stage    17
Enumeration Stage    19
Penetration Stage    21
Types of Attacks    23
Buffer Overflows    23
Heap Overflows    31
Web-Based Attacks    33
Layer 2 Attacks    41
Layer 3 Nonrouter Attacks    46
DNS Attacks    47
Layer 3 Routing Attacks    49
Man in the Middle Attack (MiTM)    51
Conclusion    57
3  UNDERSTANDING VMWARE VSPHERE AND VIRTUAL INFRASTRUCTURE SECURITY    59
Hypervisor Models    59
Hypervisor Security    60
Secure the Hardware    61
Secure the Management Appliance    62
Secure the Hypervisor    63
Secure the Management Interfaces    81
Secure the Virtual Machine    89
Conclusion    89
4  STORAGE AND SECURITY    91
Storage Connections within the Virtual Environment    92
Storage Area Networks (SAN)    93
Network Attached Storage (NAS)    95
Internet SCSI (iSCSI) Servers    96
Virtual Storage Appliances    96
Storage Usage within the Virtual Environment    97
VM Datastore    98
Ancillary File Store    98
Backup Store    99
Tape Devices    100
Storage Security    102
Data in Motion    103
Data at Rest    104
Storage Security Issues    104
VCB Proxy Server    104
SCSI reservations    106
Fibre Channel SAN (Regular or NPIV)    108
iSCSI    110
NFS    111
CIFS for Backups    112
Shared File Access over Secure Shell (SSH) or Secure Copy Use    113
FTP/R-Command Usage    115
Extents    115
Conclusion    116
5  CLUSTERING AND SECURITY    117
Types of Clusters    117
Standard Shared Storage    118
RAID Blade    122
VMware Cluster    123
Virtual Machine Clusters    125
Security Concerns    125
Heartbeats    127
Isolation    133
VMware Cluster Protocols    140
VMware Hot Migration Failures    141
Virtual Machine Clusters    142
Management    143
Conclusion    145
6  DEPLOYMENT AND MANAGEMENT    147
Management and Deployment Data Flow    148
VIC to VC (Including Plug-Ins)    148
VIC to Host    152
VC webAccess    153
ESX(i) webAccess    154
VI SDK to VC    154
VI SDK to Host    156
RCLI to Host    156
RCLI to VC    156
SSH to Host    156
Console Access    157
Lab Manager    157
Site Manager    157
LifeCycle Manager    158
AppSpeed    158
CapacityIQ    158
VMware Update Manager    158
Management and Deployment Authentication    158
Difference Between Authorization and Authentication    159
Mitigating Split-Brain Authorization and Authentication    162
Security of Management and Deployment Network    184
Using SSL    184
Using IPsec    189
Using Tunnels    189
Using Deployment Servers    190
Security Issues during Management and Deployment    191
VIC Plug-ins    192
VMs on the Wrong Network    193
VMs or Networks Created Without Authorization    194
VMs on the Wrong Storage    195
VMs Assigned to Improper Resource Pools    196
Premature Propagation of VMs from Quality Assurance to Production    196
Physical to Virtual (P2V) Crossing Security Zones    196
Conclusion    198
7  OPERATIONS AND SECURITY    199
Monitoring Operations    199
Host Monitoring    200
Host Configuration Monitoring    202
Performance Monitoring    203
Virtual Machine Administrator Operations    204
Using the Wrong Interface to Access VMs    204
Using the Built-in VNC to Access the Console    205
Virtual Machine Has Crashed    211
Backup Administrator Operations    211
Service Console Backups    212
Network Backups    213
Direct Storage Access Backups    213
Virtual Infrastructure Administrator Operations    214
Using Tools Across Security Zones    214
Running Commands Across All Hosts    215
Management Roles and Permissions Set Incorrectly    216
Conclusion    217
8  VIRTUAL MACHINES AND SECURITY    219
The Virtual Machine    219
Secure the Virtual Hardware    220
Secure the Guest OS and Application    239
Secure the Hypervisor Interaction Layer    241
Virtual Machine Administration    252
Virtual Machine Creation    253
Virtual Machine Modification    253
Virtual Machine Deletion    254
Conclusion    254
9  VIRTUAL NETWORKING SECURITY    255
Virtual Networking Basics    256
Basic Connections    256
802.1q or VLAN Tagging    268
Security Zones    271
Standard Zones    273
Best Practices    277
Virtualization Host with Single or Dual pNIC    278
Three pNICs    280
Four pNICs    284
Five pNICs    289
Six pNICs    295
Eight pNICs    302
Ten pNICs    304
pNIC Combination Conclusion    304
Cases    305
DMZ on a Private vSwitch    305
Use of Virtual Firewall to Protect the Virtualization Management Network    307
VMware as a Service    307
Tools    310
Intrusion Detection and Prevention    310
Auditing Interfaces    311
Conclusion    314
10  VIRTUAL DESKTOP SECURITY    315
What Is VDI?    315
Components    316
VDI Products    317
VDM    318
VDM’s Place in the Network    318
The VDM Connection Server    319
The VDM Client    319
The VDM Web Access Client    320
The VDM Agent for Virtual Desktops    321
Security Implications    322
VMware View    324
Linked Clones: What Are They and How Do They Change Security?    324
Storage Overcommit    326
Overview of Linked Clones    326
Protecting the VC    328
Offline Desktops    329
SSL in a VDM or View Environment    333
Secure VDI Implementation    338
Secure the Virtual Desktop    341
Conclusion    342
11  SECURITY AND VMWARE ESX    343
VMware ESXi Hardening Recipe    345
VMware ESX Hardening Recipe    349
Step 1: Root Password    355
Step 2: Shadow Password    355
Step 3: IPtables Firewall    355
Step 4: Lockdown by Source IP    357
Step 5: Run Security Assessments    360
Step 6: Apply Hardening per Assessments    367
Step 7: Additional Auditing Tools    388
Conclusion    394
12  DIGITAL FORENSICS AND DATA RECOVERY    397
Data Recovery    398
Data Recovery–Host Unavailable    399
Data Recovery–Corrupt LUN    400
Data Recovery–Re-create LUN    406
Data Recovery–Re-create Disk    407
Digital Forensics    408
Digital Forensics–Acquisition    408
Digital Forensics–Analysis    422
Digital Forensics–Who Did What, When, Where, and How?    426
Conclusion    428
CONCLUSION: JUST THE BEGINNING: THE FUTURE OF VIRTUALIZATION SECURITY    431
A  PATCHES TO BASTILLE TOOL    435
B  SECURITY HARDENING SCRIPT    441
C  ASSESSMENT SCRIPT OUTPUT    465
CIS-CAT Output    465
Bastille-Linux Output    470
DISA STIG Output    475
Tripwire ConfigCheck Output    496
D  SUGGESTED READING AND USEFUL LINKS    499
Books    499
Whitepapers    500
Products    501
Useful Links    502
GLOSSARY    503
INDEX    507
 

Reviews

Praise Page for VMware vSphere and Virtual Infrastructure Security
“I’ve known Edward for a while and he is very passionate about security and virtualization and this book represents his passion for both subjects. Security is one area that is often not paid enough attention to and in a virtual environment it is absolutely critical as many different security threats exist compared to physical environments. Ed’s latest book covers every area of virtualization security and is a must read for anyone who has virtualized their environment so they can understand the many threats that exist and how to protect themselves from them.”
 
–Eric Siebert, author of VMware® VI3 Implementation and Administration, blogger for Tech Target, and owner of http://vsphere-land.com and vExpert 2009
 
“This book is a comprehensive, in-depth review of security in virtualized environments using VMware Infrastructure and VMware vSphere. Edward reinforces the need to include security in every area of your virtualized environment as he thoroughly discusses the security implications present in your server hardware, storage, networking, virtual machines, and guest operating systems. Even without the focus on security, Edward’s book is a valuable reference work for the useful tidbits of knowledge he’s gathered during his career. Highly recommended!”
 
–Scott Lowe, virtualization blogger, author, and VMware vExpert


Biographical note

Edward L. Haletky is the author of the well-received book VMware ESX Server in the Enterprise: Planning and Securing Virtualization Servers. A virtualization expert, Edward has been involved in virtualization host security discussions, planning, and architecture since VMware ESX version 1.5.x. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting, and development. Edward is a 2009 VMware vExpert, Guru, and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward moderates the Virtualization Security Roundtable Podcast held every two weeks where virtualization security is discussed in depth. Edward is DABCC’s Virtualization Security Analyst.
 
Edward is the virtualization Security Analyst at www.virtualizationpractice.com
  
Tim Pierson has been a technical trainer for the past 23 years and is an industry leader in both security and virtualization. He has been the noted speaker at many industry events, including Novell’s Brainshare, Innotech, GISSA, and many military venues, including the Pentagon and numerous facilities addressing security both in the United States and Europe. He is a contributor to Secure Coding best practices and coauthor of Global Knowledge Windows 2000 Boot Camp courseware.
 
 
Tom Howarth is DABCC’s Data Center Virtualization Analyst. Tom is a moderator of the VMware Communities Forums. Tom owns TCA Consulting and PlanetVM.Net. He regularly designs large virtualization projects for enterprises in the U.K. and elsewhere in EMEA. Tom received the VMware vExpert 2009 award.
 
