Top 10 things you must read about VMware Security

By Eric Siebert
published: Wednesday, May 28 2008

Security is a very important area of virtualization that must not be over-looked when deploying your virtual infrastructure. Too often proper security is not implemented when planning and configuring virtual environments which can leave your host servers and virtual machines vulnerable. The default security settings for VMware VI3 provide a decent level of security but can definitely be improved upon to make it even better. By not understanding security properly you also risk making your environment less secure by making configuration changes that can weaken security. The top 10 list for security includes information on the security model and design of VMware VI3, tips and guidelines for hardening and protecting your servers and articles that cover the security challenges that are associated with virtual environments. Included in the list is selected material from VMworld presentations, white papers, security templates and articles. There are many ways of implementing security and after you read through the documents in this list you should have a better understanding on how to implement security correctly to protect your virtual machines, host servers and more importantly your data.

VMware Infrastructure 3 Security Hardening

A white paper from VMware with tips on securing ESX servers, VirtualCenter and Virtual Machines.

 
Security Design of the VMware Infrastructure 3 Architecture

A white paper from VMware describing the security architecture of VI3 including networking, storage, service console and the hypervisor.

http://www.vmware.com/pdf/vi3_security_architecture_wp.pdf

Security Hardening and Monitoring of VMware Infrastructure 3

A VMworld 2007 lab manual that covers real-world examples of securing VI3.

http://www.vmworld.com/vmworld/static/sessions/2007/LAB05.html

Vmware ESX Server – Providing LUN Security

A white paper from VMware written in response to LUN security concerns that have been raised.

 
CIS ESX Server 3.x Security Benchmark

Center for Internet Security (CIS) recommended guidelines for securing ESX servers.

http://www.cisecurity.org/tools2/vm/CIS_VMware_ESX_Server_Benchmark_v1.0.pdf

 
CIS Virtual Machine Security Benchmark

Center for Internet Security (CIS) recommended guidelines for securing Virtual Machines.

Security Architecture Design and Hardening VI3

A VMworld 2007 presentation on the security design of VI3 and recommended hardening steps VI3 Security Risk Assessment Template.

http://www.vmworld.com/vmworld/mylearn?classID=11047

VI3 Security Risk Assessment Template

A great document from Xtravirt to help assess and mitigate security risks with VI3.

http://www.xtravirt.com/index.php?option=com_remository&Itemid=75&func=startdown&id=15

Security in a Virtualized Environment

A VMworld 2007 presentation comparing physical to virtual security

A compilation of 8 good virtual security articles.

http://www.bluelane.com/lib/pdfs/Secure_Virtualization_Playbook.pdf

Coming Next Week: Top 10 Things you must read about VMware Troubleshooting  

Complete 'Top 10' Collection , VMware , VirtualCenter , Top 10 things you must read about VirtualCenter, VMworld 2007, Xtravirt