Top 10 things you must read about VMware Security By Eric Siebert published: Wednesday, May 28 2008
Security is a very important area of virtualization that must not be over-looked when deploying your virtual infrastructure. Too often proper security is not implemented when planning and configuring virtual environments which can leave your host servers and virtual machines vulnerable. The default security settings for VMware VI3 provide a decent level of security but can definitely be improved upon to make it even better. By not understanding security properly you also risk making your environment less secure by making configuration changes that can weaken security. The top 10 list for security includes information on the security model and design of VMware VI3, tips and guidelines for hardening and protecting your servers and articles that cover the security challenges that are associated with virtual environments. Included in the list is selected material from VMworld presentations, white papers, security templates and articles. There are many ways of implementing security and after you read through the documents in this list you should have a better understanding on how to implement security correctly to protect your virtual machines, host servers and more importantly your data.
VMware Infrastructure 3 Security Hardening
A white paper from VMware with tips on securing ESX servers, VirtualCenter and Virtual Machines.
http://www.vmware.com/pdf/vi3_security_hardening_wp.pdf
Security Design of the VMware Infrastructure 3 Architecture
A white paper from VMware describing the security architecture of VI3 including networking, storage, service console and the hypervisor.
http://www.vmware.com/pdf/vi3_security_architecture_wp.pdf
Security Hardening and Monitoring of VMware Infrastructure 3
A VMworld 2007 lab manual that covers real-world examples of securing VI3.
http://www.vmworld.com/vmworld/static/sessions/2007/LAB05.html
Vmware ESX Server – Providing LUN Security
A white paper from VMware written in response to LUN security concerns that have been raised.
http://www.vmware.com/pdf/esx_lun_security.pdf
CIS ESX Server 3.x Security Benchmark
Center for Internet Security (CIS) recommended guidelines for securing ESX servers.
http://www.cisecurity.org/tools2/vm/CIS_VMware_ESX_Server_Benchmark_v1.0.pdf
CIS Virtual Machine Security Benchmark
Center for Internet Security (CIS) recommended guidelines for securing Virtual Machines.
http://www.cisecurity.org/tools2/vm/CIS_VM_Benchmark_v1.0.pdf
Security Architecture Design and Hardening VI3
A VMworld 2007 presentation on the security design of VI3 and recommended hardening steps VI3 Security Risk Assessment Template.
http://www.vmworld.com/vmworld/mylearn?classID=11047
VI3 Security Risk Assessment Template
A great document from Xtravirt to help assess and mitigate security risks with VI3.
http://www.xtravirt.com/index.php?option=com_remository&Itemid=75&func=startdown&id=15
Security in a Virtualized Environment
A VMworld 2007 presentation comparing physical to virtual security.
http://www.vmworld.com/vmworld/mylearn?classID=11276
A VMworld 2007 presentation comparing physical to virtual security A compilation of 8 good virtual security articles.
http://www.bluelane.com/lib/pdfs/Secure_Virtualization_Playbook.pdf
Coming Next Week: Top 10 Things you must read about VMware Troubleshooting
Related Links:
Complete 'Top 10' Collection , VMware , VirtualCenter , Top 10 things you must read about VirtualCenter, VMworld 2007, Xtravirt
Eric Siebert is a 25-year IT veteran with experience in programming, networking, telecom and systems administration. He is a guru-status moderator on the VMware community VMTN forum and maintains VMware-land.com, a VI3 information site.
|
