VMware vSphere Security Cookbook

Over 75 practical recipes to help you successfully secure your vSphere environment

Product type: Paperback
Published in: Nov 2014
ISBN-13: 9781782170341
Length: 334 pages
Edition: 1st Edition
Author: Michael Greer
Table of Contents (15 chapters)

Preface
1. Threat and Vulnerability Overview
2. ESXi Host Security
3. Configuring Virtual Machine Security
4. Configuring User Management
5. Configuring Network Security
6. Configuring Storage Security
7. Configuring vShield Manager
8. Configuring vShield App
9. Configuring vShield Edge
10. Configuring vShield Endpoint
11. Configuring vShield Data Security
12. Configuring vSphere Certificates
13. Configuring vShield VXLAN Virtual Wires
Index

Network threats

Network threats are the largest in number due to the nature of the Internet and enterprise data connectivity. Since virtual switches function similarly to physical switches, most, if not all, threats that have faced the traditional networking environment continue to face the virtualization environment. Even threats to specific Cisco IOS versions, for example, can affect the virtual network environment, since there is a Cisco Nexus 1000 virtual switch available for VMware. Network attacks generally fall into the following categories:

  • Denial of service attack: This attack is usually focused on large commercial websites with the intent of making the website unavailable. A denial of service takes place when the web server or network device is overloaded by legitimate requests. In the case of an e-commerce website, a denial of service attack can cost the company millions of dollars. In another example, a recent attack used Network Time Protocol (NTP) to take down popular gaming services including League of Legends and www.ea.com.
  • Hijacking or man-in-the-middle attack: This attack takes advantage of the TCP/IP protocol stack between endpoints. Hijacking is an attack where the attacker takes control over a legitimate user session that has already been connected and authenticated. In a man-in-the-middle attack, the attacker is able to observe, intercept, read, and modify messages between two systems. As an example, an attacker might set up a fake Wi-Fi hotspot at a coffee shop and observe traffic that passes from the users to the Internet.
  • Sniffing: This is the process of capturing and collecting network packets regardless of their destination. A sniffer is either hardware or software that can listen on a wired or wireless network interface. Common sniffer software includes Wireshark, tcpdump, and Network Monitor. If the packets are not encrypted, a sniffer provides a full view of the data within each collected packet.
  • Trojans: This is also known as malware or spyware. Once installed by the unwitting user, the code can collect certain information from the user's system and send it back to the attacker.
  • Spoofing: IP spoofing is when an attacker sends IP packets from a false source address. This technique is used to trick the destination into allowing the traffic, since the source address is seen as valid. IP spoofing is often used in distributed denial of service attacks, in which the attacker sends a flood of packets that appear to have originated from multiple valid source addresses to a specified target address in an attempt to overload the network device.

Other types of network threats do exist, but for the purposes of this overview, the general types explained give you the background required for configurations in the virtual environment.
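
The spoofing item above depends on the destination accepting a source address it cannot verify. As an added example (not from the book), the following Python code applies source-address validation to constructed flow records and reports sources that cannot be genuine for the interface they arrived on; the interface names `uplink` and `vm-net`, the 10.20.0.0/16 internal prefix, and the record format are assumptions made for illustration.

```python
import ipaddress

# Assumption: the only prefix assigned to internal segments.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
# Assumption: "uplink" faces outside; any other interface is internal.
EXTERNAL_IFACE = "uplink"

# Constructed sample records: "<interface> <source IP> <destination IP>"
SAMPLE = """\
uplink 198.51.100.7 10.20.1.15
uplink 10.20.1.99 10.20.1.15
uplink 127.0.0.1 10.20.1.15
vm-net 10.20.3.4 203.0.113.9
vm-net 192.0.2.44 203.0.113.9
uplink not-an-ip 10.20.1.15
"""

def check_source(interface, src):
    """Return None if the source is plausible, otherwise a reason string."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "unparseable source address"
    # Loopback and multicast addresses are never valid sources on the wire.
    if addr.is_loopback or addr.is_multicast:
        return "source address is never valid on the wire"
    inside = any(addr in net for net in INTERNAL_NETS)
    if interface == EXTERNAL_IFACE and inside:
        return "internal source arriving from outside"
    if interface != EXTERNAL_IFACE and not inside:
        return "source not assigned to this internal segment"
    return None

def audit(text):
    """Return (line number, reason) for every record that fails validation."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 3:
            findings.append((n, "malformed record"))
            continue
        reason = check_source(parts[0], parts[1])
        if reason:
            findings.append((n, reason))
    return findings

if __name__ == "__main__":
    for n, reason in audit(SAMPLE):
        print(f"line {n}: {reason}")
```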
