Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
VMware vSphere Security Cookbook
VMware vSphere Security Cookbook

VMware vSphere Security Cookbook: Over 75 practical recipes to help you successfully secure your vSphere environment

eBook
£7.99 £39.99
Paperback
£49.99
Subscription
Free Trial
Renews at £16.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. £16.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

VMware vSphere Security Cookbook

Chapter 1. Threat and Vulnerability Overview

In this chapter, we will cover the following topics:

  • Risk overview
  • Hypervisor threats
  • Hypervisor vulnerabilities
  • Guest virtual machine threats
  • Guest virtual machine vulnerabilities
  • Network threats
  • Network vulnerabilities
  • Storage threats
  • Storage vulnerabilities
  • Physical threats
  • Physical vulnerabilities
  • Security Concepts

Introduction

Risk management, while outside the scope of this book, is a key foundation in the creation of a secure system. Proper risk assessment will not only identify what is being protected, the cost, and the criticality of those assets, but also identify the likelihood of the system or systems being breached. With the state of governance, compliance, and the growing requirement to notify customers of the security breach, it's more important than ever to create an auditable system based on well-defined security policies.

Not long ago, type I hypervisor systems, such as VMware ESX and Microsoft Hyper-V, were considered inferior for the task of running highly secure environments. The virtualization market has made substantial progress in the security space in a short span of time.

This chapter provides a brief overview and review of the risk and the associated components of risk pertaining to the virtualization environment. The ultimate goal is to determine the acceptable risk, which is the level of risk that a company is willing to take in order to conduct business.

Risk overview

The risk equation is composed of three components: threat, vulnerability, and cost.

Risk = Threat x Vulnerability x Cost

In brief, Cost is the damage measured in currency, as experienced in the loss of hardware or software. The cost also includes consulting hours or quantifiable staff time spent in remediating the damages caused. While cost is a key factor in the risk formula, it falls outside the scope of this book. Please refer to sites such as http://www.isaca.org for further information on risk and risk management.

The Threat component of the risk equation is measured in frequency or rate. For example, the threat of a user deleting a file will be greatly reduced if a user only has read permission on the file. By the same token, an organization with 10,000 computers has a much higher potential threat of a virus infection than an organization with 1,000 computers.

While there are threats associated specifically with the virtualization environment, a great deal of risk is caused by the misconfiguration of systems and policies. With the added complexity of virtualization comes additional layers that need to be addressed in order to make the environment secure. Without end-to-end security communication in the Storage Area Network (SAN), the storage switch, hypervisor host, and virtual machine are at risk. Likewise, communication between virtual networking components and physical networking components presents many opportunities for misconfiguration, thereby leading to the opportunity for a security breach.

The Vulnerability component, at a broad level, is measured as a percentage, which is similar to the case of a threat. The term vulnerability is most closely tied to a known deficiency or bug that presents a clear vector for compromise, and as such, caries a likelihood of 100 percent if the system is not patched to protect against said exploit.

Considering the risk equation, vulnerability is the component that has the most control. Vulnerabilities in the hypervisor platform will typically be patched by the vendor, in this case, VMware. By utilizing tools such as Update Manager, system administrators are able to keep the host systems patched in a timely and regular manner.

During the software patching cycle, it's important to do proper testing before applying a patch to a production system. This is even more critical for virtualized systems since a single virtualized host can hold a large number of virtual machines and thus will be affected adversely by a patch crippling a host.

Normal network vulnerabilities are still present in a virtualized environment. The mix between virtual networking and physical networking can present a different set of vulnerabilities based on the environment. It is important for the networking team and the server virtualization team to work together in order to ensure that both the physical and virtual networks are correctly configured and secure.

Understanding defense-in-depth

In addition to risk is the concept of defense-in-depth. The defense-in-depth model uses a layered approach, which not only increases the attacker's risk of detection but also reduces an attacker's chance of success. Defending the organization in depth means the application of a combination of people, processes, and technology to protect against threats at each layer. A good defense-in-depth architecture will build each layer of the security under the assumption that the other layer has been breached. If one layer is missing something, another layer might stop it and thereby stop the attacker.

In brief, the model consists of a series of interconnected components. The fundamental layer of policy and procedure affects every other layer. This layer includes both security policies and security procedures, as shown in the following figure:

Understanding defense-in-depth

The next layer is the Physical Security layer. This layer encompasses the remaining layers and includes secure facilities, mantraps, surveillance, and biometric identification devices.

The traditional host layer is now broken up into the virtual host and the virtual machine. The virtual host, also known as the hypervisor, includes signed drives, a secured kernel layer, and minimal management attack surfaces. The virtual machine layer includes the guest operating system, host hardening, patch management, and strong authentication. The guest operating system might also include a host-based firewall, intrusion detection system, and disk encryption system.

The data layer of the defense-in-depth model includes Access Control Lists (ACLs) and encryption.

The application layer includes hardening practices such as mechanisms to prevent SQL injection, as an example.

The network layer consists of an internal network and perimeter layers. These layers are traditionally separated by a security device such as a firewall. In a virtualized environment, both an internal network and a perimeter network can and often do reside within the same set of virtual host machines. In a complex networking scheme, it's even more critical to ensure that trusted network traffic and untrusted network traffic are properly separated in the virtual environment.

In a traditional physical environment, overall security is often more difficult to achieve, simply because there are more components and the risk of misconfiguration is higher. For example, securing a mission-critical application is more efficient when the majority of components are virtual and can be configured together by a team or an individual. In a physical environment, the same tasks could span numerous individuals around the globe. The virtual environment provides the administrator with an encapsulated landscape, which provides a better structure for tracking critical components.

The remainder of this chapter will highlight the threats and vulnerabilities to core services utilized in a virtualization environment, including storage, networks, hypervisors, virtual machines, and physical security.

Hypervisor threats

Hypervisor threats from attackers are growing in popularity. In fact, the vulnerability that allows a virtual machine to escape to the hypervisor has been documented in a certain number of 64-bit operating systems that have been virtualized. In addition, a limited number of Intel CPUs are vulnerable to a local privilege-escalation attack. The attack essentially allows the virtual machine access to a ring of the kernel on the hypervisor host. While this did affect several hypervisor platforms, it did not affect the VMware ESX platform.

VMware continues to innovate in the area of isolating components of the virtual landscape with various products, including Network Virtualization Platform (NSX). NSX is designed with the Software Designed Data Center (SDDC) approach in mind. Achieving true isolation in a multitenant cloud model is the goal. Increased isolation and controls will help to minimize hypervisor threats.

The following is an example of a guest VM affecting the host at the workstation level, not at the server level. The vulnerability listed in the National Vulnerability Database (http://nvd.nist.gov) is as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2007-4496

Original release date: 09/21/2007

Last revised: 03/08/2011

Source: US-CERT/NIST

Overview

Unspecified vulnerability in EMC VMware workstation before 5.5.5 build 56455 and 6.x before 6.0.1 Build 55017, player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly, execute arbitrary code on the host operating system via unspecified vectors.

Impact

CVSS severity (Version 2.0)

CVSS v2 base score: 6.5 (medium) (AV:A/AC:H/Au:S/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 2.5

CVSS Version 2 metrics:

Access vector: Local network exploitable

Access complexity: High

Authentication: Required to exploit

Impact type: This provides administrator access; allows complete confidentiality, integrity, and availability violation; allows unauthorized disclosure of information; and allows disruption of service

In this case, the user with administrative privileges in the guest operating system was able to execute the code against the host. Keep in mind that this was not just any host; this was a VMware workstation, which is a different type of hypervisor.

Hypervisor vulnerabilities

Hypervisor vulnerabilities affect the ability to provide and manage core elements, including CPI, I/O, disk, and memory, to virtual machines hosted on the hypervisor. As with any other software system, vulnerabilities are identified and vendors work toward patching them as quickly as possible before an exploit is found.

Several key vulnerabilities exist at this time, specific to VMware ESXi, including buffer overflow and directory traversal vulnerabilities. The following information is taken from the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3658

Original release date: 09/10/2013

Last revised: 09/12/2013

Source: US-CERT/NIST

Overview

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0 as well as ESX 4.0 and 4.1 allows remote attackers to delete arbitrary host OS files via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 9.4 (high) (AV:N/AC:L/Au:N/C:N/I:C/A:C) (legend)

Impact subscore: 9.2

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows unauthorized modification and the disruption of service

Note that the access vector for both of these vulnerabilities is termed network exploitable, meaning that the vulnerability is remotely exploitable with only network access. The attacker does not need local access to exploit this type of vulnerability. The vulnerability listed in the National Vulnerability Database (http://nvd.nist.gov) is as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3657

Original release date: 09/10/2013

Last revised: 09/13/2013

Source: US-CERT/NIST

Overview

Buffer overflow in VMware ESXi 4.0 through 5.0 as well as ESX 4.0 and 4.1 allows remote attackers to execute the arbitrary code or cause a denial of service via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact subscore: 6.4

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows unauthorized disclosure of information, unauthorized modification, and the disruption of service

When attackers find a vulnerability such as this and see that no authentication is required to exploit and the access vector is network exploitable, they move this up the list as a potential low-risk, high-value target.

It should be noted that at the time of writing this book, these vulnerabilities were active; however, VMware releases patches on a regular basis and some or all of the example vulnerabilities might have already been remediated.

Guest virtual machine threats

Virtual machine (VM) threats vary by the guest operating system (OS) that is loaded into the VM. Each operating system has its own list of threats, with the Microsoft Windows OS at the top of the list. Given its popularity, the Windows operating system has been a prime target for years as attackers find different ways to compromise the OS itself or the popular Internet Explorer browser within Windows.

Over the past few years, Adobe and its Adobe Reader product have become a target for attackers. Since Adobe Reader is installed on the majority of Windows and Apple operating systems, compromising Adobe can potentially allow an attacker to access a very large number of computers.

Although the guest operating system is contained within each virtual machine, it interacts with the hypervisor by way of the virtual hardware that supports the VM as well as by the specific tools that allow the VM to interact with the hypervisor, through which the hypervisor provides specialized services to the VM.

There is evidence reported by Symantec that certain malware attempts to determine whether the operating system is running in a virtual machine. This detection can be done in a number of ways, including checking whether VMware tools are running. For more details, check the Symantec link in the References section.

Guest virtual machine vulnerabilities

The vulnerabilities listed here are likely to be out of date as they have been remediated by the respective vendors. The following are a few guest operating system vulnerabilities at the time of writing this book.

The following vulnerability is one of an ever increasing number of vulnerabilities from Adobe, Adobe Reader, and Acrobat listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5325

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute an arbitrary JavaScript code in a JavaScript: URL via a crafted PDF document.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 9.3 (high) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 8.6

CVSS Version 2 metrics:

Access vector: Network exploitable; Victim must voluntarily interact with the attack mechanism

Access complexity: Medium

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

The following vulnerability is for a kernel-mode driver in Windows 7, listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3881

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allow local users to gain privileges via a crafted application, also known as "Win32k NULL Page Vulnerability."

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.2 (HIGH) (AV:L/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 3.9

CVSS Version 2 metrics:

Access vector: Locally exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

Any vulnerability found in a standalone desktop machine might have applicability in a virtualized environment. In fact, an infected Windows desktop, for example, has the opportunity to do more damage in a virtualized environment than if it were a standalone machine. If a virtualized environment was not configured correctly, a runaway desktop machine could take resources away from other virtual machines on the same host, impacting the performance of many as opposed to a single machine.

Network threats

Network threats are the largest in number due to the nature of the Internet and enterprise data connectivity. Since virtual switches function similar to physical switches, most, if not all, threats that have faced the traditional networking environment continue to face the virtualization environment. Even threats to specific Cisco IOS versions, for example, can affect the virtual network environment since there is a Cisco Nexus 1000 virtual switch available for VMware. There are several types of network attacks that generally fall into the following categories:

  • Denial of service attack: This attack is usually focused on large commercial websites with the intent of making the website unavailable. A denial of service takes place when the web server or network device is overloaded by legitimate requests. In the case of an e-commerce website, a denial of service attack can cost the company millions of dollars. In another example, a recent attack used Network Time Protocol (NTP) to take down popular gaming services including League of Legends and www.ea.com.
  • Hijacking or man-in-the-middle attack: This attack takes advantage of the TCP/IP protocol stack between endpoints. Hijacking is an attack where the attacker takes control over a legitimate user session that has already been connected and authenticated. In a man-in-the-middle attack, the attacker is able to observe, intercept, read, and modify messages between two systems. As an example, an attacker might set up a fake Wi-Fi hotspot at a coffee shop and observe traffic that passes from the users to the Internet.
  • Sniffing: This is the process of capturing and collecting network packets regardless of their destination. A sniffer is either hardware or software that can listen on a wired or wireless network interface. Common sniffer software includes Wireshark, TCPdump, and Network Monitor. A full view of the data within each collected packet is provided by a sniffer if the packets are not encrypted.
  • Trojans: This is also known as malware or spyware. Once installed by the unwitting user, the code can collect certain information from the user's system and send it back to the attacker.
  • Spoofing: IP spoofing is when an attacker sends IP packets from a false source address. This technique is used to trick the destination address into allowing the traffic since the source address is seen as valid. IP spoofing is often used in distributed denial of service attacks. In this example, the attacker sends a flood of packets that appear to have originated from multiple valid source addresses to a specified target address in an attempt to overload the network device.

Other types of network threats do exist, but for the purposes of this overview, the general types explained give you the background required for configurations in the virtual environment.

Network vulnerabilities

Network vulnerabilities are the most exploited type of vulnerability due to the large population of devices connected to the Internet. Network vulnerabilities affect endpoint devices, such as web servers, and core devices, such as routers and switches.

Network vulnerabilities across many vendors currently exist. Here are two example vulnerabilities from Cisco. Both represent bugs in the switch-level OS. This vulnerability is listed in the National Vulnerability Database (http://nvd.nist.gov) as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5566

Original release date: 11/08/2013

Last revised: 11/08/2013

Source: US-CERT/NIST

Overview

Cisco NX-OS 5.0 and earlier-on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via the Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, also know as Bug ID CSCte27874.

Impact

CVSS severity (Version 2.0):

CVSS v2 sase score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) (legend)

Impact subscore: 2.9

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the disruption of serviceUnknown

The next vulnerability allows an attacker to cause a denial of service using a modified packet sent to the device. This example is listed in the National Vulnerability Database (http://nvd.nist.gov) as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5565

Original release date: 11/08/2013

Last revised: 11/08/2013

Source: US-CERT/NIST

Overview

The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (a process crash) via a malformed LSA Type-1 packet, also known as Bug ID CSCuj82176.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P) (legend)

Impact subscore: 2.9

Exploitability subscore: 8.6

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Medium

Authentication: Not required to exploit

Impact type: This allows the disruption of serviceUnknown

The two examples are very specific, but both reinforce the common threat of denial of service and why frameworks such as defense-in-depth are important. If an attacker is able to cause a denial of service in the network device, a sensor somewhere on the network should be in place to send the proper alert.

Storage threats

There are many different types of storage that can be used by VMware vSphere; however, for the purposes of this brief explanation of storage threats, we will focus on storage area networks (SAN) and network-attached storage (NAS). From a protocol perspective, Fibre Channel and Internet Small Computer System Interface (iSCSI) will be briefly reviewed in the context of which threats and potential vulnerabilities they bring to the risk equation.

In the past, there was a clear delineation between SAN storage and NAS, but in recent years, high-performing devices have become much more popular for small- and medium-sized businesses. Likewise, most enterprises that historically used Fiber Channel exclusively now tend to have some iSCSI in their storage environment. Both protocols are inherently insecure on their own. In the case of Fiber Channel, sending information in clear text would seem to be the major risk; however, this is mitigated largely due to the physical characteristics of the fiber that the data passes over. That's not to say that Fiber Channel can't be exploited, but the nature of its closed-loop system makes it a lower risk.

iSCSI, on the other hand, uses the same RJ-45 network cables and physical switches that the normal IP traffic utilizes within the network. Without a proper process for securing iSCSI, traffic is very vulnerable to attack and exploit. It's crucial to isolate iSCSI traffic in order to separate switches or by VLAN. Additionally, the use of Challenge Handshake Authentication Protocol (CHAP) authentication will ensure that only approved iSCSI endpoints can communicate with the storage system.

Storage vulnerabilities

At the time of writing this book, there were no publicized vulnerabilities for any of the major SAN or NAS vendors specific to the access protocols' Fiber Channel or iSCSI. The following two vulnerabilities are for storage vendor management, listed in the National Vulnerability Database (http://nvd.nist.gov).

A number of the vulnerabilities listed specific to storage center around some form of management and authentication information being sent or stored in clear text:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3278

Original release date: 10/01/2013

Last revised: 10/02/2013

Source: US-CERT/NIST

Overview

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 4.9 (MEDIUM) (AV:L/AC:L/Au:N/C:C/I:N/A:N) (legend)

Impact subscore: 6.9

Exploitability subscore: 3.9

CVSS Version 2 metrics:

Access vector: Locally exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information

Another example from Hitachi shows vulnerability in the Network Node Manager that allows remote attacks:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2012-5001

Original release date: 09/19/2012

Last revised: 09/20/2012

Source: US-CERT/NIST

Overview

Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute the arbitrary code via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact subscore: 6.4

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

**NOTE: Access complexity is scored low due to insufficient information

Authentication: Not required to exploit

Impact type: This allows unauthorized disclosure of information, unauthorized modification, and the disruption of service

Both of these example vulnerabilities are in the management layer of the storage device, not within the data stream specific to the protocol transferring information between the SAN or NAS drivers and the hypervisor.

Physical threats

The topic of physical security might seem out of place in a book on virtual security; however, it plays a key role. As referenced in the defense-in-depth model, the most thorough design and implementation can be breached if physical security fails. For example, if one can physically access a console logged in with administrative credentials, security controls are effectively neutralized.

Physical threats by nature are threats that require physical access to the hardware in order to exploit the systems. In the case of virtualization hardware, the threat vector is somewhat lessened if you assume that the hardware will reside in some form of secure datacenter structure, be it a secure facility or room. In addition, carrying out administrative tasks on management desktops situated in secure locations without access to any public networks will also reduce risk.

Even with equipment residing in a secure facility, there are a number of threats that remain, including nonmalicious factors such as extreme weather and power outages. Other threat vectors include security and authentication mechanisms to the facility and within the facility to the server location. Typically, in a highly secure facility, a cage within the datacenter is used to secure the server hardware. Entry into the cage is limited to certain personnel and controlled by biometric or card reader devices.

Another potential threat is the personnel that staff the facility. A dishonest employee, even one who has been fully vetted and background-checked can gain access to sensitive equipment and potentially the data residing on that equipment. Alternatively, a dishonest employee can grant access to an outsider who is intending to attack a particular company's server or virtualization environment contained in the facility.

Physical vulnerabilities

Physical vulnerabilities include any weak links between the outside and the server equipment within the facility belonging to the customer. Vulnerabilities can mean the existence of the threats mentioned in the previous section, most notably weak authentication and questionable personnel.

Vulnerability such as a poor location or inadequate power grid should be immediately remediated by moving equipment to another facility without said vulnerabilities. Additional vulnerabilities that need to be considered include any aspect of the facility that will lend itself to a single point of failure, including the lack of redundant power or redundant Internet connections. Commercial datacenters are usually happy to showcase their redundancy.

As with all the threats and vulnerabilities mentioned in the previous sections, a detailed plan and checklist should be used when evaluating the design and implementation of each of these parts that make up a secure infrastructure. Adequate disaster recovery planning is also key as well as ensuring data security during a disaster. Confirm that should a disaster occur, the data will be secure at the disaster recovery website or websites.

Security concepts

This book contains a number of security, compliance and encryption topics that might not be second nature to the reader. This section will provide an overview of concepts and methods discussed in the book along with references for further information.

Data classifications

Data classifications are used to assign data at the right level of protection and security based on the content type and sensitivity required. Personally Identifiable Information (PII) and Protected Health Information (PHI) are two of the classifications referenced.

  • PII: Information that can uniquely identify an entity is considered PII. An example includes Social Security Number (SSN), home address, birthdate, e-mail address, and application login information.
  • PHI: Information created or derived from a hospital, physician, and healthcare providers specific to an individual's past, present and future medical condition. There is also a growing concern over the activity information recorded by wearable devices by privacy experts.

Cryptography

Symmetric Encryption: This utilizes a shared secret key to encrypt and decrypt messages. Both the sender and recipient utilized the same key to encrypt and decrypt information passed between them. The key can take the form of a complex string, for example. The encryption algorithm along with its key length determine the relative strength of the key. The strongest current block cipher is Advanced Encryption Standard (AES).

Asymmetric Encryption: This utilizes a public key and a private key. A message encrypted by the private key can only be decrypted by the public key and vice versa. The public key is available to anyone, while the private key is kept secret. Public key certificates utilize asymmetric encryption and provide information about the organization to which the certificate was issued.

Certificates

Certificates provide digital identification and a mechanism to establish trust. We can think of a certificate as a driver's license or government issued ID card. The trusted root authority can be thought of as the government in this example. The license or ID can be thought of as the certificate. When someone checks our ID to verify our identity, they trust the authority that issued that ID. Likewise, when a certificate is issued from a trusted authority, we can be assured the identity represented by the certificate is genuine.

Also known as digital certificates or X.509 certificates, these certificates are widely used by websites to prove their identity to the web browser. Certificates can also be used for mutual authentication where not only does the web browser trust the website, but also the web site trusts the web browser.

Public Key Infrastructure (PKI) generates certificates in both public and private scenarios. A Certificate Authority (CA) is the mechanism that responds to proper certificate requests and returns certificates to the requesting party. Verisign, Thawte, and Digicert are examples of public CAs, meaning a certificate issued by them is trusted by the majority of commercial web browsers by default. A private CA is usually set up within a corporate network, and the certificates issued are only trusted by machines on the corporate network.

Virtual Private Networks

Virtual Private Networks (VPN) provide a network tunnel between two endpoints through which information is encrypted (protected) from the network traffic outside the VPN tunnel. There are two main types of VPN tunnels in use today: IPSEC and SSL. IPSEC stands for Internet Protocol security, while SSL stands for Secure Sockets Layer.

Summary

The goal of this introductory chapter was to provide an overview of the threats and vulnerabilities that apply to a virtual infrastructure. From a security and compliance standpoint, every system should undergo a proper risk assessment. The risk equation has been presented along with a high-level introduction to the defense-in-depth philosophy.

Example threats and vulnerabilities have been highlighted for the hypervisor, guest virtual machine, network, storage, and physical categories. As threats continue to evolve and vulnerabilities are identified, vendors such as VMware provide patches and updates to keep their products secure and ensure system integrity. It is always a good idea to check new software versions for vulnerabilities before performing an upgrade.

While this chapter provided an overview and baseline information, the remainder of the book will be presented in the typical cookbook format. Each chapter will provide specific recipes for securing your vSphere infrastructure.

Left arrow icon Right arrow icon

Description

This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

What you will learn

  • Harden your ESXi host and guest virtual machines to reduce the vulnerabilities in your system
  • Configure vCenter networks and storage security to establish secure virtual networks between environments
  • Install and configure vShield Manager and Data Security to manage antimalware and anitvirus policies for your virtual environments
  • Set up vShield App and Edge, including firewall and VPN configurations to help secure your networks in your environment
  • Use Sophos Antivirus to establish a vShield Endpoint to secure your environment

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 25, 2014
Length: 334 pages
Edition : 1st
Language : English
ISBN-13 : 9781782170341

What do you get with a Packt Subscription?

Free for first 7 days. £16.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 25, 2014
Length: 334 pages
Edition : 1st
Language : English
ISBN-13 : 9781782170341

Packt Subscriptions

See our plans and pricing
Modal Close icon
£16.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
£169.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just £5 each
Feature tick icon Exclusive print discounts
£234.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just £5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total £ 86.98
VMware vRealize Operations Performance and Capacity Management
£36.99
VMware vSphere Security Cookbook
£49.99
Total £ 86.98 Stars icon
Banner background image

Table of Contents

14 Chapters
1. Threat and Vulnerability Overview Chevron down icon Chevron up icon
2. ESXi Host Security Chevron down icon Chevron up icon
3. Configuring Virtual Machine Security Chevron down icon Chevron up icon
4. Configuring User Management Chevron down icon Chevron up icon
5. Configuring Network Security Chevron down icon Chevron up icon
6. Configuring Storage Security Chevron down icon Chevron up icon
7. Configuring vShield Manager Chevron down icon Chevron up icon
8. Configuring vShield App Chevron down icon Chevron up icon
9. Configuring vShield Edge Chevron down icon Chevron up icon
10. Configuring vShield Endpoint Chevron down icon Chevron up icon
11. Configuring vShield Data Security Chevron down icon Chevron up icon
12. Configuring vSphere Certificates Chevron down icon Chevron up icon
13. Configuring vShield VXLAN Virtual Wires Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.5
(10 Ratings)
5 star 50%
4 star 50%
3 star 0%
2 star 0%
1 star 0%
Filter icon Filter
Top Reviews

Filter reviews by




Matteo Jan 21, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book will let you walk through most of the basic vSphere security guidelines without going insane. Everything is explained very thoroughly both on how and why you set all the settings, along with explanation links to the interested parties(VMware, NIST, etc.). VMware knowledge is required but the book is written without throwing you code or dropping you into a problem and just providing the answer. The book is based on 5.5 so you need to have a relatively recent compute farm(which you should do anyway if you plan on being secure) to execute on the books suggestions as most of the steps are explained with the new vSphere Web Client(most of it can be done with vSphere client on older versions but the steps may be different).
Amazon Verified review Amazon
L R E Mar 21, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book is comprehensive and in-depth and really helped me to better understand cyber threats and how vSphere has capabilities in place that allow it to be more secure and less prone to attack. I particularly liked the vShield installation and configuration instructions. The book was well written and easy to comprehend, the author is cognizant of the intended audience and provides enough explanation that aided in readability by providing clear and concise instructions with screenshots and practical considerations for implementation. This book didn't just cover securing ESXi hosts, but also delved into securing virtual machine, storage and network resources. This book would be an excellent book for people who are interested in properly securing their ESXi environment.
Amazon Verified review Amazon
Michael J. Mcshane Mar 12, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This is a well written guide on administration and security for vSphere. The book starts with an overview of threats and vulnerabilities. The book then gets right into Hardening security for esx hosts and vSphere clients. The book is geared to "virtualization professionals who are experienced with VMware vSphere setup and configuration” but I found the chapters to be packed with plenty of screenshots and code samples. I particularly got a lot out of the chapters on configuring vSphere certificates.All and all the book is a solid guide and well worth the read and adding to your admin library.
Amazon Verified review Amazon
Paul Moore Mar 12, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Unlike many other Technical Manuals, this book does not make the assumption that the reader is a VMware veteran, nor does it treat the reader like they have never seen a computer. The information provided in the book is more that adequate for someone starting out, and still provides the details and explanations required by a more experienced reader. I do not fully agree with other reviewers that have stated that the book was written for Beginners to Intermediates. While this book is not written for VMware VCPs with years of Security experience, I do think that this book would be a great resource and reference point for anyone, at any level. Even experts need to be reminded of some of the more standard security practices!
Amazon Verified review Amazon
Fouad Kazma Mar 13, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book is an excellent resource for securing VMware hosts and guests.It is very concise and I learned quite a bid from it. What I liked particularly is the vShield chapters since I recently started to work with it. Overall it is a great reference book.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.