What this book covers

Chapter 1, Threat and Vulnerability Overview, provides you with an overview of threats and vulnerabilities specific to the virtualization infrastructure. This chapter covers a high-level review of hypervisor, virtual machine, network, storage, and physical threats and vulnerabilities.

Chapter 2, ESXi Host Security, introduces you to hardening the ESXi host from both the console and the vSphere client. This chapter covers the host firewall and configuration of services.

Chapter 3, Configuring Virtual Machine Security, focuses on security of the guest virtual machine, covering both management of the virtual machine and configuration of the virtual machine. Configuration of guest operating system security and virtual machine isolation controls are covered in this chapter.

Chapter 4, Configuring User Management, guides you through the secure user administration of a virtualization environment using vCenter. Topics include configuring Active Directory integration, configuring Single Sign-On, assigning permissions, and administrative roles.

Chapter 5, Configuring Network Security, introduces you to security options in the configuration of virtual network switches and port groups.

Chapter 6, Configuring Storage Security, introduces you to the configuration of storage security from a vSphere perspective. The majority of this chapter covers iSCSI authentication between source and target systems. On completion of this chapter, you will be able to configure iSCSI authentication on a vSphere 5.5 host.

Chapter 7, Configuring vShield Manager, introduces you to the installation and configuration of vShield Manager, from downloading and installing the virtual appliance to configuration of user and group access—including SSL certificate configuration.

Chapter 8, Configuring vShield App, introduces you to vShield App configuration and setup on the ESXi host. The common application firewall settings are also covered.

Chapter 9, Configuring vShield Edge, introduces you to the setup and configuration of vShield Edge. In addition, adding and managing appliances and interfaces is covered, along with VPN, firewall, and gateway configurations.

Chapter 10, Configuring vShield Endpoint, introduces you to vShield Endpoint protection, installation, and configuration, and the importance of endpoint protection in securing the virtual infrastructure.

Chapter 11, Configuring vShield Data Security, introduces you to the configuration of vShield Data Security options and policies. Customizing data polices and reports are also covered.

Chapter 12, Configuring vSphere Certificates, guides you through the tasks involved in assigning issued X.509 certificates to vSphere component services. The SSL tool is used to assign certificates to vCenter, Update Manager, Web Client, Log Manager, Inventory Manager, and Single Sign-On services.

Chapter 13, Configuring vShield VXLAN Virtual Wires, introduces the prerequisites for implementing VXLAN virtual wires, configuring virtual wires and configuring firewall rules for virtual wires.