Virtualization and Private Cloud Security Training

Virtualization and Private Cloud Security Training

Introduction:

Virtualization and Private Cloud Security Training Course Hands-on

One of today’s most rapidly-evolving and widely-deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. More and more organizations are deploying desktop, application and network virtualization, as well. There are even security benefits of virtualization – easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.
Virtualization Vulnerabilities.

With these benefits comes a dark side, however. Virtualization technology is the focus of many new potential threats and exploits, and presents new vulnerabilities that must be managed. In addition, there are a vast number of configuration options that security and system administrators need to understand, with an added layer of complexity that has to be managed by operations teams. Virtualization technologies also connect to network infrastructure and storage networks, and require careful planning with regard to access controls, user permissions and traditional security controls.

In addition, many organizations are evolving virtualized infrastructure into private and hybrid clouds – shared services running on virtualized infrastructure. Security architecture, policies, and processes will need to be adapted to work within a cloud infrastructure, and there are many changes that security and operations teams will need to accommodate to ensure assets are protected.

Virtualization and Private Cloud Security TrainingRelated Courses:

Duration:5 days

Skills Gained:

• Best practices for configuring and designing virtual security controls and infrastructure
• Vulnerabilities and threats related to virtual infrastructure and cloud environments
• How the network security landscape (products and architecture) is changing with virtualization and private clouds
• New vulnerability assessment and forensic techniques to use within a virtual environment
• How scripting and automation can assist with audits in a virtual environment

Customize It:

With onsite Training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

Course Content:

SEC579.1: Virtualization Security Architecture and Design

Virtualization components and architecture designs
Different types of virtualization, ranging from desktops to servers and applications
Hypervisor lockdown controls for VMware, Microsoft Hyper-V, and Citrix Xen
Virtual network design cases, with pros and cons of each
Virtual switches and port groups, with security options available
Available commercial and open-source virtual switches, with configuration options
Segmentation techniques, including VLANs and PVLANs
Virtual machine security configuration options, with a focus on VMware VMX files

Virtualization and Private Cloud Infrastructure Security

Storage security and design considerations
How to lock down management servers and clients for vCenter, XenServer, and Microsoft SCVMM
Security design considerations for Virtual Desktop Infrastructure (VDI)
Security-focused use cases for VDI
Private cloud security architecture
Configuration options for securing private cloud components
Specific private cloud models and how security applies to each of them
Virtual firewalls and network access controls
Commercial and open-source virtual firewalls
Designing intrusion detection for virtual environments and the private cloud
Setting up promiscuous interfaces and traffic capture in a virtual environment
Host-based IDS/IPS for virtualization

Virtualization Offense and Defense (Part I)

Attack models that pertain to virtualization and cloud environments
Penetration testing cycles with a focus on virtualization and cloud attack types
Specific virtualization platform attacks and exploits
How to modify vulnerability management processes and scanning configuration to get the best results in virtualized environments
How to use attack frameworks like VASTO, Virtualization Assessment Toolkit to exploit virtualization systems
How to implement intrusion detection tools and processes in a virtual environment
What kinds of logs and logging are most critical for identifying attacks and live incidents in virtual and cloud environments

Virtualization Offense and Defense (Part II)

How anti-malware tools function in virtual and cloud environments
What kinds of new tools and tactics are available for effective anti-malware operations in the cloud and virtual machines
Pulling Netflow and packet data from virtual environments for analysis
How forensics processes and tools should be used and adapted for virtual systems
What tools are best to get the most accurate results from virtual machine system analysis
How to most effectively capture virtual machines for forensic evidence analysis
What can be done to analyze hypervisor platforms, and what does the future of virtual machine forensics hold?

Virtualization and Cloud Integration: Policy, Operations and Compliance

How security can adapt to accommodate virtualization infrastructure
How virtualization tools and technology can augment and facilitate security
A simple, bulletproof risk assessment strategy for virtualization and private cloud environments
Threats, vulnerabilities and impacts to consider when evaluating virtualization and private cloud technologies
New and updated policies needed for virtualization and cloud environments
Service-level agreements and performance considerations for cloud operations
Governance models for private clouds
Encryption tools and techniques for securing mobile virtual machines
Data lifecycle policies and processes to ensure virtual machines and their data are monitored and updated
Identity and access management fundamentals for private clouds
Scripting for automation with shell scripts, as well as vSphere CLI and PowerCLI
In-depth disaster recovery and business continuity planning processes and capabilities that virtualization and private clouds can augment

Auditing and Compliance for Virtualization and Cloud

Assessment and audit plans for virtualization and private cloud components
Key configuration controls from the leading hardening guides from DISA, CIS, VMware, and Microsoft
Scripting techniques in VI CLI for automating audit and assessment processes
Sample scripts that help implement key audit functions
Compliance mandates and how you can institute controls in both virtualization and cloud infrastructure to satisfy requirements

Whether you are looking for general information or have a specific question, we want to help

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment