
VMware vSphere Security Cookbook: Over 75 practical recipes to help you successfully secure your vSphere environment


Chapter 1. Threat and Vulnerability Overview

In this chapter, we will cover the following topics:

  • Risk overview
  • Hypervisor threats
  • Hypervisor vulnerabilities
  • Guest virtual machine threats
  • Guest virtual machine vulnerabilities
  • Network threats
  • Network vulnerabilities
  • Storage threats
  • Storage vulnerabilities
  • Physical threats
  • Physical vulnerabilities
  • Security concepts

Introduction

Risk management, while outside the scope of this book, is a key foundation in the creation of a secure system. Proper risk assessment will not only identify what is being protected, the cost, and the criticality of those assets, but also identify the likelihood of the system or systems being breached. With the state of governance, compliance, and the growing requirement to notify customers of a security breach, it's more important than ever to create an auditable system based on well-defined security policies.

Not long ago, type I hypervisor systems, such as VMware ESX and Microsoft Hyper-V, were considered inferior for the task of running highly secure environments. The virtualization market has made substantial progress in the security space in a short span of time.

This chapter provides a brief overview and review of the risk and the associated components of risk pertaining to the virtualization environment. The ultimate goal is to determine the acceptable risk, which is the level of risk that a company is willing to take in order to conduct business.

Risk overview

The risk equation is composed of three components: threat, vulnerability, and cost.

Risk = Threat x Vulnerability x Cost

In brief, Cost is the damage measured in currency, as experienced in the loss of hardware or software. The cost also includes consulting hours or quantifiable staff time spent in remediating the damages caused. While cost is a key factor in the risk formula, it falls outside the scope of this book. Please refer to sites such as http://www.isaca.org for further information on risk and risk management.

The Threat component of the risk equation is measured in frequency or rate. For example, the threat of a user deleting a file will be greatly reduced if a user only has read permission on the file. By the same token, an organization with 10,000 computers has a much higher potential threat of a virus infection than an organization with 1,000 computers.

While there are threats associated specifically with the virtualization environment, a great deal of risk is caused by the misconfiguration of systems and policies. With the added complexity of virtualization comes additional layers that need to be addressed in order to make the environment secure. Without end-to-end security communication in the Storage Area Network (SAN), the storage switch, hypervisor host, and virtual machine are at risk. Likewise, communication between virtual networking components and physical networking components presents many opportunities for misconfiguration, thereby leading to the opportunity for a security breach.

The Vulnerability component, at a broad level, is measured as a percentage, which is similar to the case of a threat. The term vulnerability is most closely tied to a known deficiency or bug that presents a clear vector for compromise, and as such, carries a likelihood of 100 percent if the system is not patched to protect against said exploit.

Considering the risk equation, vulnerability is the component over which administrators have the most control. Vulnerabilities in the hypervisor platform will typically be patched by the vendor, in this case, VMware. By utilizing tools such as Update Manager, system administrators are able to keep the host systems patched in a timely and regular manner.

During the software patching cycle, it's important to do proper testing before applying a patch to a production system. This is even more critical for virtualized systems, since a single virtualized host can hold a large number of virtual machines, all of which will be adversely affected if a patch cripples the host.

Normal network vulnerabilities are still present in a virtualized environment. The mix between virtual networking and physical networking can present a different set of vulnerabilities based on the environment. It is important for the networking team and the server virtualization team to work together in order to ensure that both the physical and virtual networks are correctly configured and secure.

Understanding defense-in-depth

In addition to risk is the concept of defense-in-depth. The defense-in-depth model uses a layered approach, which not only increases the attacker's risk of detection but also reduces an attacker's chance of success. Defending the organization in depth means the application of a combination of people, processes, and technology to protect against threats at each layer. A good defense-in-depth architecture will build each layer of the security under the assumption that the other layer has been breached. If one layer is missing something, another layer might stop it and thereby stop the attacker.

In brief, the model consists of a series of interconnected components. The fundamental layer of policy and procedure affects every other layer. This layer includes both security policies and security procedures, as shown in the following figure:

[Figure: Understanding defense-in-depth]

The next layer is the Physical Security layer. This layer encompasses the remaining layers and includes secure facilities, mantraps, surveillance, and biometric identification devices.

The traditional host layer is now broken up into the virtual host and the virtual machine. The virtual host, also known as the hypervisor, includes signed drivers, a secured kernel layer, and minimal management attack surfaces. The virtual machine layer includes the guest operating system, host hardening, patch management, and strong authentication. The guest operating system might also include a host-based firewall, intrusion detection system, and disk encryption system.

The data layer of the defense-in-depth model includes Access Control Lists (ACLs) and encryption.

The application layer includes hardening practices such as mechanisms to prevent SQL injection, as an example.

The network layer consists of an internal network and perimeter layers. These layers are traditionally separated by a security device such as a firewall. In a virtualized environment, both an internal network and a perimeter network can and often do reside within the same set of virtual host machines. In a complex networking scheme, it's even more critical to ensure that trusted network traffic and untrusted network traffic are properly separated in the virtual environment.

In a traditional physical environment, overall security is often more difficult to achieve, simply because there are more components and the risk of misconfiguration is higher. For example, securing a mission-critical application is more efficient when the majority of components are virtual and can be configured together by a team or an individual. In a physical environment, the same tasks could span numerous individuals around the globe. The virtual environment provides the administrator with an encapsulated landscape, which provides a better structure for tracking critical components.

The remainder of this chapter will highlight the threats and vulnerabilities to core services utilized in a virtualization environment, including storage, networks, hypervisors, virtual machines, and physical security.

Hypervisor threats

Hypervisor threats from attackers are growing in popularity. In fact, the vulnerability that allows a virtual machine to escape to the hypervisor has been documented in a certain number of 64-bit operating systems that have been virtualized. In addition, a limited number of Intel CPUs are vulnerable to a local privilege-escalation attack. The attack essentially allows the virtual machine access to a ring of the kernel on the hypervisor host. While this did affect several hypervisor platforms, it did not affect the VMware ESX platform.

VMware continues to innovate in the area of isolating components of the virtual landscape with various products, including Network Virtualization Platform (NSX). NSX is designed with the Software-Defined Data Center (SDDC) approach in mind. Achieving true isolation in a multitenant cloud model is the goal. Increased isolation and controls will help to minimize hypervisor threats.

The following is an example of a guest VM affecting the host at the workstation level, not at the server level. The vulnerability listed in the National Vulnerability Database (http://nvd.nist.gov) is as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2007-4496

Original release date: 09/21/2007

Last revised: 03/08/2011

Source: US-CERT/NIST

Overview

Unspecified vulnerability in EMC VMware workstation before 5.5.5 build 56455 and 6.x before 6.0.1 Build 55017, player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.

Impact

CVSS severity (Version 2.0)

CVSS v2 base score: 6.5 (medium) (AV:A/AC:H/Au:S/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 2.5

CVSS Version 2 metrics:

Access vector: Local network exploitable

Access complexity: High

Authentication: Required to exploit

Impact type: This provides administrator access; allows complete confidentiality, integrity, and availability violation; allows unauthorized disclosure of information; and allows disruption of service

In this case, a user with administrative privileges in the guest operating system was able to execute code against the host. Keep in mind that this was not just any host; this was VMware Workstation, which is a different type of hypervisor.

Hypervisor vulnerabilities

Hypervisor vulnerabilities affect the ability to provide and manage core elements, including CPU, I/O, disk, and memory, to virtual machines hosted on the hypervisor. As with any other software system, vulnerabilities are identified and vendors work toward patching them as quickly as possible before an exploit is found.

Several key vulnerabilities exist at this time, specific to VMware ESXi, including buffer overflow and directory traversal vulnerabilities. The following information is taken from the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3658

Original release date: 09/10/2013

Last revised: 09/12/2013

Source: US-CERT/NIST

Overview

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0 as well as ESX 4.0 and 4.1 allows remote attackers to delete arbitrary host OS files via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 9.4 (high) (AV:N/AC:L/Au:N/C:N/I:C/A:C) (legend)

Impact subscore: 9.2

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows unauthorized modification and the disruption of service

Note that the access vector for both of these vulnerabilities is termed network exploitable, meaning that the vulnerability is remotely exploitable with only network access. The attacker does not need local access to exploit this type of vulnerability. The vulnerability listed in the National Vulnerability Database (http://nvd.nist.gov) is as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3657

Original release date: 09/10/2013

Last revised: 09/13/2013

Source: US-CERT/NIST

Overview

Buffer overflow in VMware ESXi 4.0 through 5.0 as well as ESX 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact subscore: 6.4

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows unauthorized disclosure of information, unauthorized modification, and the disruption of service

When attackers find a vulnerability such as this and see that no authentication is required to exploit and the access vector is network exploitable, they move this up the list as a potential low-risk, high-value target.

It should be noted that at the time of writing this book, these vulnerabilities were active; however, VMware releases patches on a regular basis and some or all of the example vulnerabilities might have already been remediated.
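The NVD excerpts in this chapter give each CVSS v2 vector alongside its base, impact, and exploitability scores. The following added example (not from the book) recomputes those scores from the vector strings using the CVSS v2 base equations and orders the chapter's CVEs for patching, with network-exploitable entries that need no authentication first. The `patch_queue` ordering rule and all function names are assumptions made for illustration.

```python
# Added example: recompute CVSS v2 scores from the vectors quoted in this chapter.

# Metric weights defined by the CVSS v2 base equations.
ACCESS_VECTOR = {"L": 0.395, "A": 0.646, "N": 1.0}
ACCESS_COMPLEXITY = {"H": 0.35, "M": 0.61, "L": 0.71}
AUTHENTICATION = {"M": 0.45, "S": 0.56, "N": 0.704}
IMPACT_WEIGHT = {"N": 0.0, "P": 0.275, "C": 0.660}
REQUIRED = ("AV", "AC", "Au", "C", "I", "A")

# Vector strings copied from the NVD excerpts in this chapter.
CHAPTER_VECTORS = {
    "CVE-2007-4496": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
    "CVE-2013-3658": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
    "CVE-2013-3657": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "CVE-2013-5325": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
    "CVE-2013-3881": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
    "CVE-2013-5566": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "CVE-2013-5565": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
    "CVE-2013-3278": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
    "CVE-2012-5001": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
}


def parse_vector(vector):
    """Split 'AV:N/AC:L/...' into a metric dict, rejecting malformed input."""
    metrics = {}
    for part in vector.strip().strip("()").split("/"):
        key, sep, value = part.partition(":")
        if not sep or key in metrics:
            raise ValueError(f"malformed CVSS v2 vector: {vector!r}")
        metrics[key] = value
    if sorted(metrics) != sorted(REQUIRED):
        raise ValueError(f"CVSS v2 base vector needs {REQUIRED}: {vector!r}")
    return metrics


def score(vector):
    """Return base, impact and exploitability scores for a CVSS v2 vector."""
    m = parse_vector(vector)
    try:
        c, i, a = (IMPACT_WEIGHT[m[k]] for k in ("C", "I", "A"))
        exploitability = (20 * ACCESS_VECTOR[m["AV"]]
                          * ACCESS_COMPLEXITY[m["AC"]]
                          * AUTHENTICATION[m["Au"]])
    except KeyError as exc:
        raise ValueError(f"unknown metric value {exc} in {vector!r}") from None
    impact = 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))
    f_impact = 0 if impact == 0 else 1.176
    base = (0.6 * impact + 0.4 * exploitability - 1.5) * f_impact
    return {
        "base": round(base, 1),
        "impact": round(impact, 1),
        "exploitability": round(exploitability, 1),
        # The combination the text singles out: reachable over the network
        # and exploitable without authenticating.
        "remote_unauthenticated": m["AV"] == "N" and m["Au"] == "N",
    }


def patch_queue(vectors):
    """Order CVE ids for patching (illustrative rule, an assumption):
    remote and unauthenticated first, then highest base score."""
    scored = {cve: score(vec) for cve, vec in vectors.items()}
    return sorted(
        scored,
        key=lambda cve: (not scored[cve]["remote_unauthenticated"],
                         -scored[cve]["base"], cve),
    )


if __name__ == "__main__":
    for cve in patch_queue(CHAPTER_VECTORS):
        s = score(CHAPTER_VECTORS[cve])
        flag = "remote/no-auth" if s["remote_unauthenticated"] else ""
        print(f"{cve}  base={s['base']:<4} impact={s['impact']:<4} "
              f"exploitability={s['exploitability']:<4} {flag}")
```

The recomputed values match the scores printed in every NVD excerpt in this chapter, which makes the script a quick consistency check when vectors are copied into an internal tracking sheet.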

Guest virtual machine threats

Virtual machine (VM) threats vary by the guest operating system (OS) that is loaded into the VM. Each operating system has its own list of threats, with the Microsoft Windows OS at the top of the list. Given its popularity, the Windows operating system has been a prime target for years as attackers find different ways to compromise the OS itself or the popular Internet Explorer browser within Windows.

Over the past few years, Adobe and its Adobe Reader product have become a target for attackers. Since Adobe Reader is installed on the majority of Windows and Apple operating systems, compromising Adobe can potentially allow an attacker to access a very large number of computers.

Although the guest operating system is contained within each virtual machine, it interacts with the hypervisor by way of the virtual hardware that supports the VM as well as by the specific tools that allow the VM to interact with the hypervisor, through which the hypervisor provides specialized services to the VM.

There is evidence reported by Symantec that certain malware attempts to determine whether the operating system is running in a virtual machine. This detection can be done in a number of ways, including checking whether VMware tools are running. For more details, check the Symantec link in the References section.

Guest virtual machine vulnerabilities

The vulnerabilities listed here are likely to be out of date as they have been remediated by the respective vendors. The following are a few guest operating system vulnerabilities at the time of writing this book.

The following vulnerability is one of an ever increasing number of vulnerabilities from Adobe, Adobe Reader, and Acrobat listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5325

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 9.3 (high) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 8.6

CVSS Version 2 metrics:

Access vector: Network exploitable; Victim must voluntarily interact with the attack mechanism

Access complexity: Medium

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

The following vulnerability is for a kernel-mode driver in Windows 7, listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3881

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allow local users to gain privileges via a crafted application, also known as "Win32k NULL Page Vulnerability."

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.2 (HIGH) (AV:L/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 3.9

CVSS Version 2 metrics:

Access vector: Locally exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

Any vulnerability found in a standalone desktop machine might have applicability in a virtualized environment. In fact, an infected Windows desktop, for example, has the opportunity to do more damage in a virtualized environment than if it were a standalone machine. If a virtualized environment was not configured correctly, a runaway desktop machine could take resources away from other virtual machines on the same host, impacting the performance of many as opposed to a single machine.

Network threats

Network threats are the largest in number due to the nature of the Internet and enterprise data connectivity. Since virtual switches function similarly to physical switches, most, if not all, threats that have faced the traditional networking environment continue to face the virtualization environment. Even threats to specific Cisco IOS versions, for example, can affect the virtual network environment since there is a Cisco Nexus 1000 virtual switch available for VMware. There are several types of network attacks that generally fall into the following categories:

  • Denial of service attack: This attack is usually focused on large commercial websites with the intent of making the website unavailable. A denial of service takes place when the web server or network device is overloaded by legitimate requests. In the case of an e-commerce website, a denial of service attack can cost the company millions of dollars. In another example, a recent attack used Network Time Protocol (NTP) to take down popular gaming services including League of Legends and www.ea.com.
  • Hijacking or man-in-the-middle attack: This attack takes advantage of the TCP/IP protocol stack between endpoints. Hijacking is an attack where the attacker takes control over a legitimate user session that has already been connected and authenticated. In a man-in-the-middle attack, the attacker is able to observe, intercept, read, and modify messages between two systems. As an example, an attacker might set up a fake Wi-Fi hotspot at a coffee shop and observe traffic that passes from the users to the Internet.
  • Sniffing: This is the process of capturing and collecting network packets regardless of their destination. A sniffer is either hardware or software that can listen on a wired or wireless network interface. Common sniffer software includes Wireshark, TCPdump, and Network Monitor. A full view of the data within each collected packet is provided by a sniffer if the packets are not encrypted.
  • Trojans: This is also known as malware or spyware. Once installed by the unwitting user, the code can collect certain information from the user's system and send it back to the attacker.
  • Spoofing: IP spoofing is when an attacker sends IP packets from a false source address. This technique is used to trick the destination address into allowing the traffic since the source address is seen as valid. IP spoofing is often used in distributed denial of service attacks. In this example, the attacker sends a flood of packets that appear to have originated from multiple valid source addresses to a specified target address in an attempt to overload the network device.

Other types of network threats do exist, but for the purposes of this overview, the general types explained give you the background required for configurations in the virtual environment.

Network vulnerabilities

Network vulnerabilities are the most exploited type of vulnerability due to the large population of devices connected to the Internet. Network vulnerabilities affect endpoint devices, such as web servers, and core devices, such as routers and switches.

Network vulnerabilities currently exist across many vendors. Here are two example vulnerabilities from Cisco. Both represent bugs in the switch-level OS. The first vulnerability is listed in the National Vulnerability Database (http://nvd.nist.gov) as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5566

Original release date: 11/08/2013

Last revised: 11/08/2013

Source: US-CERT/NIST

Overview

Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via the Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, also known as Bug ID CSCte27874.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) (legend)

Impact subscore: 2.9

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the disruption of service

The next vulnerability allows an attacker to cause a denial of service using a modified packet sent to the device. This example is listed in the National Vulnerability Database (http://nvd.nist.gov) as follows:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5565

Original release date: 11/08/2013

Last revised: 11/08/2013

Source: US-CERT/NIST

Overview

The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (a process crash) via a malformed LSA Type-1 packet, also known as Bug ID CSCuj82176.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P) (legend)

Impact subscore: 2.9

Exploitability subscore: 8.6

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Medium

Authentication: Not required to exploit

Impact type: This allows the disruption of service

The two examples are very specific, but both reinforce the common threat of denial of service and why frameworks such as defense-in-depth are important. If an attacker is able to cause a denial of service in the network device, a sensor somewhere on the network should be in place to send the proper alert.

Storage threats

There are many different types of storage that can be used by VMware vSphere; however, for the purposes of this brief explanation of storage threats, we will focus on storage area networks (SAN) and network-attached storage (NAS). From a protocol perspective, Fibre Channel and Internet Small Computer System Interface (iSCSI) will be briefly reviewed in the context of which threats and potential vulnerabilities they bring to the risk equation.

In the past, there was a clear delineation between SAN storage and NAS, but in recent years, high-performing devices have become much more popular for small- and medium-sized businesses. Likewise, most enterprises that historically used Fibre Channel exclusively now tend to have some iSCSI in their storage environment. Both protocols are inherently insecure on their own. In the case of Fibre Channel, sending information in clear text would seem to be the major risk; however, this is mitigated largely due to the physical characteristics of the fiber that the data passes over. That's not to say that Fibre Channel can't be exploited, but the nature of its closed-loop system makes it a lower risk.

iSCSI, on the other hand, uses the same RJ-45 network cables and physical switches that the normal IP traffic utilizes within the network. Without a proper process for securing iSCSI, traffic is very vulnerable to attack and exploit. It's crucial to isolate iSCSI traffic, either on separate switches or by VLAN. Additionally, the use of Challenge Handshake Authentication Protocol (CHAP) authentication will ensure that only approved iSCSI endpoints can communicate with the storage system.
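To show how CHAP restricts access to approved endpoints, the following added example (not from the book) models both sides of the RFC 1994 challenge-response exchange that iSCSI login uses, with the storage target verifying an initiator. The initiator names and secrets are constructed sample values, and the class and function names are assumptions for illustration.

```python
# Added example: CHAP challenge-response (RFC 1994), storage target and initiator.
import hashlib
import hmac
import os

# Constructed sample values, not real endpoint names or secrets.
ESXI_IQN = "iqn.2014-01.com.example:esxi-host-01"
ESXI_SECRET = b"constructed-secret-01"


def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Target:
    """Storage side: knows one shared secret per approved initiator name."""

    def __init__(self, secrets):
        self._secrets = dict(secrets)
        self._pending = None
        self._next_id = 0

    def challenge(self):
        """Issue a fresh identifier and random challenge for one login attempt."""
        self._next_id = (self._next_id + 1) % 256
        self._pending = (self._next_id, os.urandom(16))
        return self._pending

    def verify(self, name, response):
        """Check a response against the outstanding challenge, which is then spent."""
        if self._pending is None:
            return False
        identifier, challenge = self._pending
        self._pending = None  # a challenge is valid for a single answer only
        secret = self._secrets.get(name)
        if secret is None:
            return False  # endpoint is not on the approved list
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


class Initiator:
    """Host side (for example an ESXi software iSCSI adapter)."""

    def __init__(self, name, secret):
        self.name = name
        self._secret = secret

    def answer(self, identifier, challenge):
        """Prove knowledge of the secret without sending the secret itself."""
        return self.name, chap_response(identifier, self._secret, challenge)


def login(target, initiator):
    """Run one complete exchange and return the target's decision."""
    identifier, challenge = target.challenge()
    name, response = initiator.answer(identifier, challenge)
    return target.verify(name, response)


def replay(target, captured_name, captured_response):
    """Present a previously captured response to a new challenge."""
    target.challenge()
    return target.verify(captured_name, captured_response)


if __name__ == "__main__":
    target = Target({ESXI_IQN: ESXI_SECRET})
    print("approved host:", login(target, Initiator(ESXI_IQN, ESXI_SECRET)))
    print("wrong secret: ", login(target, Initiator(ESXI_IQN, b"not-the-secret")))
    print("unknown name: ", login(target, Initiator("iqn.2014-01.com.example:other", ESXI_SECRET)))
```

CHAP authenticates the endpoints only; the data that follows is not encrypted, which is why the isolation of iSCSI traffic described above still applies.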

Storage vulnerabilities

At the time of writing this book, there were no publicized vulnerabilities for any of the major SAN or NAS vendors specific to the access protocols Fibre Channel or iSCSI. The following two vulnerabilities are for storage vendor management, listed in the National Vulnerability Database (http://nvd.nist.gov).

A number of the vulnerabilities listed specific to storage center around some form of management and authentication information being sent or stored in clear text:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3278

Original release date: 10/01/2013

Last revised: 10/02/2013

Source: US-CERT/NIST

Overview

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 4.9 (MEDIUM) (AV:L/AC:L/Au:N/C:C/I:N/A:N) (legend)

Impact subscore: 6.9

Exploitability subscore: 3.9

CVSS Version 2 metrics:

Access vector: Locally exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information

Another example from Hitachi shows a vulnerability in the Network Node Manager that allows remote attacks:

Note

National Cyber Awareness System

Vulnerability summary for CVE-2012-5001

Original release date: 09/19/2012

Last revised: 09/20/2012

Source: US-CERT/NIST

Overview

Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact subscore: 6.4

Exploitability subscore: 10.0

CVSS Version 2 metrics:

Access vector: Network exploitable

Access complexity: Low

**NOTE: Access complexity is scored low due to insufficient information

Authentication: Not required to exploit

Impact type: This allows unauthorized disclosure of information, unauthorized modification, and the disruption of service

Both of these example vulnerabilities are in the management layer of the storage device, not within the data stream specific to the protocol transferring information between the SAN or NAS drivers and the hypervisor.

Physical threats

The topic of physical security might seem out of place in a book on virtual security; however, it plays a key role. As referenced in the defense-in-depth model, the most thorough design and implementation can be breached if physical security fails. For example, if one can physically access a console logged in with administrative credentials, security controls are effectively neutralized.

Physical threats by nature are threats that require physical access to the hardware in order to exploit the systems. In the case of virtualization hardware, the threat vector is somewhat lessened if you assume that the hardware will reside in some form of secure datacenter structure, be it a secure facility or room. In addition, carrying out administrative tasks on management desktops situated in secure locations without access to any public networks will also reduce risk.

Even with equipment residing in a secure facility, there are a number of threats that remain, including nonmalicious factors such as extreme weather and power outages. Other threat vectors include security and authentication mechanisms to the facility and within the facility to the server location. Typically, in a highly secure facility, a cage within the datacenter is used to secure the server hardware. Entry into the cage is limited to certain personnel and controlled by biometric or card reader devices.

Another potential threat is the personnel who staff the facility. A dishonest employee, even one who has been fully vetted and background-checked, can gain access to sensitive equipment and potentially the data residing on that equipment. Alternatively, a dishonest employee can grant access to an outsider who is intending to attack a particular company's server or virtualization environment contained in the facility.

Physical vulnerabilities

Physical vulnerabilities include any weak links between the outside and the server equipment within the facility belonging to the customer. Vulnerabilities can mean the existence of the threats mentioned in the previous section, most notably weak authentication and questionable personnel.

A vulnerability such as a poor location or inadequate power grid should be immediately remediated by moving equipment to another facility without said vulnerabilities. Additional vulnerabilities that need to be considered include any aspect of the facility that will lend itself to a single point of failure, including the lack of redundant power or redundant Internet connections. Commercial datacenters are usually happy to showcase their redundancy.

As with all the threats and vulnerabilities mentioned in the previous sections, a detailed plan and checklist should be used when evaluating the design and implementation of each of these parts that make up a secure infrastructure. Adequate disaster recovery planning is also key, as is ensuring data security during a disaster. Confirm that, should a disaster occur, the data will be secure at the disaster recovery site or sites.

Security concepts

This book contains a number of security, compliance and encryption topics that might not be second nature to the reader. This section will provide an overview of concepts and methods discussed in the book along with references for further information.

Data classifications

Data classifications are used to assign data the right level of protection and security based on the content type and sensitivity required. Personally Identifiable Information (PII) and Protected Health Information (PHI) are two of the classifications referenced.

  • PII: Information that can uniquely identify an entity is considered PII. Examples include Social Security Number (SSN), home address, birthdate, e-mail address, and application login information.
  • PHI: Information created or derived from a hospital, physician, and healthcare providers specific to an individual's past, present and future medical condition. Privacy experts are also increasingly concerned about the activity information recorded by wearable devices.

Cryptography

Symmetric Encryption: This utilizes a shared secret key to encrypt and decrypt messages. Both the sender and recipient utilize the same key to encrypt and decrypt information passed between them. The key can take the form of a complex string, for example. The encryption algorithm along with its key length determines the relative strength of the key. The strongest current block cipher is Advanced Encryption Standard (AES).

Asymmetric Encryption: This utilizes a public key and a private key. A message encrypted by the private key can only be decrypted by the public key and vice versa. The public key is available to anyone, while the private key is kept secret. Public key certificates utilize asymmetric encryption and provide information about the organization to which the certificate was issued.

Certificates

Certificates provide digital identification and a mechanism to establish trust. We can think of a certificate as a driver's license or government issued ID card. The trusted root authority can be thought of as the government in this example. The license or ID can be thought of as the certificate. When someone checks our ID to verify our identity, they trust the authority that issued that ID. Likewise, when a certificate is issued from a trusted authority, we can be assured the identity represented by the certificate is genuine.

Also known as digital certificates or X.509 certificates, these certificates are widely used by websites to prove their identity to the web browser. Certificates can also be used for mutual authentication, where not only does the web browser trust the website, but the website also trusts the web browser.

Public Key Infrastructure (PKI) generates certificates in both public and private scenarios. A Certificate Authority (CA) is the mechanism that responds to proper certificate requests and returns certificates to the requesting party. Verisign, Thawte, and Digicert are examples of public CAs, meaning a certificate issued by them is trusted by the majority of commercial web browsers by default. A private CA is usually set up within a corporate network, and the certificates issued are only trusted by machines on the corporate network.
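
The public-versus-private CA trust relationship described above, as an added example that is not from the book: it builds a throwaway private root CA with the OpenSSL command line, issues a server certificate from it, and checks that certificate against two trust stores. The names Example Corp, vcenter.corp.example and both root CAs are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the book): who trusts a certificate from a private CA?
# All names (Example Corp, vcenter.corp.example, both root CAs) are constructed.

PKI_DIR=$(mktemp -d)
trap 'rm -rf "$PKI_DIR"' EXIT

# Minimal config so the example does not depend on the system openssl.cnf.
cat > "$PKI_DIR/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = overridden-by-subj
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
EOF

# make_root_ca NAME SUBJECT: self-signed root certificate plus its private key.
make_root_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
    -config "$PKI_DIR/pki.cnf" -extensions v3_ca -subj "$2" \
    -keyout "$PKI_DIR/$1.key" -out "$PKI_DIR/$1.crt" 2>/dev/null
}

# issue_server_cert CA NAME HOST: the requester creates a key and a signing
# request; the CA answers the request by signing it with the CA private key.
issue_server_cert() {
  openssl req -new -newkey rsa:2048 -nodes -sha256 \
    -config "$PKI_DIR/pki.cnf" -subj "/O=Example Corp/CN=$3" \
    -keyout "$PKI_DIR/$2.key" -out "$PKI_DIR/$2.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$PKI_DIR/$2.csr" -sha256 -days 30 \
    -CA "$PKI_DIR/$1.crt" -CAkey "$PKI_DIR/$1.key" -CAcreateserial \
    -extfile "$PKI_DIR/pki.cnf" -extensions v3_server \
    -out "$PKI_DIR/$2.crt" 2>/dev/null
}

# is_trusted CERT ROOT: succeeds only if CERT chains to the given root,
# which stands in for the trust store of the machine doing the check.
is_trusted() {
  openssl verify -CAfile "$PKI_DIR/$2.crt" "$PKI_DIR/$1.crt" >/dev/null 2>&1
}

demo() {
  make_root_ca corp-root "/O=Example Corp/CN=Example Corp Private Root CA" || return 1
  make_root_ca public-root "/O=Constructed Public CA/CN=Constructed Public Root" || return 1
  issue_server_cert corp-root vcenter vcenter.corp.example || return 1

  # A corporate machine has corp-root in its trust store; an outside machine
  # only has public roots, so the same certificate fails verification there.
  for store in corp-root public-root; do
    if is_trusted vcenter "$store"; then
      echo "trust store $store: vcenter certificate is trusted"
    else
      echo "trust store $store: vcenter certificate is NOT trusted"
    fi
  done
}

demo
```

Distributing the private root certificate (here corp-root.crt) to a machine's trust store is what moves that machine from the second outcome to the first; the CA private key never leaves the CA.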

Virtual Private Networks

Virtual Private Networks (VPN) provide a network tunnel between two endpoints, within which information is encrypted and so protected from the network traffic outside the VPN tunnel. There are two main types of VPN tunnels in use today: IPSEC and SSL. IPSEC stands for Internet Protocol security, while SSL stands for Secure Sockets Layer.

Summary

The goal of this introductory chapter was to provide an overview of the threats and vulnerabilities that apply to a virtual infrastructure. From a security and compliance standpoint, every system should undergo a proper risk assessment. The risk equation has been presented along with a high-level introduction to the defense-in-depth philosophy.

Example threats and vulnerabilities have been highlighted for the hypervisor, guest virtual machine, network, storage, and physical categories. As threats continue to evolve and vulnerabilities are identified, vendors such as VMware provide patches and updates to keep their products secure and ensure system integrity. It is always a good idea to check new software versions for vulnerabilities before performing an upgrade.

While this chapter provided an overview and baseline information, the remainder of the book will be presented in the typical cookbook format. Each chapter will provide specific recipes for securing your vSphere infrastructure.


Description

This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

What you will learn

  • Harden your ESXi host and guest virtual machines to reduce the vulnerabilities in your system
  • Configure vCenter networks and storage security to establish secure virtual networks between environments
  • Install and configure vShield Manager and Data Security to manage antimalware and antivirus policies for your virtual environments
  • Set up vShield App and Edge, including firewall and VPN configurations to help secure your networks in your environment
  • Use Sophos Antivirus to establish a vShield Endpoint to secure your environment

Product Details

Publication date: Nov 25, 2014
Length: 334 pages
Edition: 1st
Language: English
ISBN-13: 9781782170341

Table of Contents

14 Chapters
1. Threat and Vulnerability Overview
2. ESXi Host Security
3. Configuring Virtual Machine Security
4. Configuring User Management
5. Configuring Network Security
6. Configuring Storage Security
7. Configuring vShield Manager
8. Configuring vShield App
9. Configuring vShield Edge
10. Configuring vShield Endpoint
11. Configuring vShield Data Security
12. Configuring vSphere Certificates
13. Configuring vShield VXLAN Virtual Wires
Index

Customer reviews

Rating distribution
Overall rating: 4.5 (10 Ratings)
5 star 50%
4 star 50%
3 star 0%
2 star 0%
1 star 0%

Top Reviews

Matteo Jan 21, 2015
Rating: 5 out of 5
This book will let you walk through most of the basic vSphere security guidelines without going insane. Everything is explained very thoroughly both on how and why you set all the settings, along with explanation links to the interested parties (VMware, NIST, etc.). VMware knowledge is required but the book is written without throwing you code or dropping you into a problem and just providing the answer. The book is based on 5.5 so you need to have a relatively recent compute farm (which you should do anyway if you plan on being secure) to execute on the book's suggestions as most of the steps are explained with the new vSphere Web Client (most of it can be done with vSphere client on older versions but the steps may be different).
Amazon Verified review

L R E Mar 21, 2015
Rating: 5 out of 5
This book is comprehensive and in-depth and really helped me to better understand cyber threats and how vSphere has capabilities in place that allow it to be more secure and less prone to attack. I particularly liked the vShield installation and configuration instructions. The book was well written and easy to comprehend, the author is cognizant of the intended audience and provides enough explanation that aided in readability by providing clear and concise instructions with screenshots and practical considerations for implementation. This book didn't just cover securing ESXi hosts, but also delved into securing virtual machine, storage and network resources. This book would be an excellent book for people who are interested in properly securing their ESXi environment.
Amazon Verified review

Michael J. Mcshane Mar 12, 2015
Rating: 5 out of 5
This is a well written guide on administration and security for vSphere. The book starts with an overview of threats and vulnerabilities. The book then gets right into Hardening security for esx hosts and vSphere clients. The book is geared to "virtualization professionals who are experienced with VMware vSphere setup and configuration" but I found the chapters to be packed with plenty of screenshots and code samples. I particularly got a lot out of the chapters on configuring vSphere certificates. All in all the book is a solid guide and well worth the read and adding to your admin library.
Amazon Verified review

Paul Moore Mar 12, 2015
Rating: 5 out of 5
Unlike many other Technical Manuals, this book does not make the assumption that the reader is a VMware veteran, nor does it treat the reader like they have never seen a computer. The information provided in the book is more than adequate for someone starting out, and still provides the details and explanations required by a more experienced reader. I do not fully agree with other reviewers that have stated that the book was written for Beginners to Intermediates. While this book is not written for VMware VCPs with years of Security experience, I do think that this book would be a great resource and reference point for anyone, at any level. Even experts need to be reminded of some of the more standard security practices!
Amazon Verified review

Fouad Kazma Mar 13, 2015
Rating: 5 out of 5
This book is an excellent resource for securing VMware hosts and guests. It is very concise and I learned quite a bit from it. What I liked particularly is the vShield chapters since I recently started to work with it. Overall it is a great reference book.
Amazon Verified review