VMware Hacking Uncovered

VM-HACK : 5 Day Hands-On Bootcamp

5 Day, Hands-On Bootcamp covers VMware’s VI 3 and vSphere 4 Products

“After taking VMware’s Install and Congure and the DSA class, I thought I knew how to secure our virtual environment. I realized after this class how vulnerable our infrastructure is.” - Alex W, Sr. Network Administrator

Virtualization technologies are not secure “out of the box”

A critical and often overlooked aspect of migrating to a virtualized environment is setting up security properly. Virtualization technologies are not secure “out of the box” and VMware is no exception. The VMware Hacking Uncovered (VM-HACK) course focuses on where the vulnerabilities lie and how to reduce the attack surfaces in a virtualized environment.

This course goes beyond the typical security protocols administrators use to secure their current environments and dives much deeper into the actual workings and shortcomings of the VMware environment.

This course was designed and developed from the perspective of how a hacker will get into your VMware Environment by a Licensed Penetration Tester and hacking Guru with a long history of vulnerability audits with: US Dept. of Homeland Security, US Government Agencies (NSA, DOD, DOT, TSA, SEC, CIA, and many others), nuclear power plants, law enforcement agencies, fortune 500 companies, universities, and many foreign governments.

“These guys are like the Darth Vaders of thenetwork world. I'm glad they are on our side since this was a security course. Our instructor was amazing and by far the best guy we've seen here. This guy is world class.” – Jim B., CIO

 

  • If you are using any remote storage (iSCSI, NFS, Fibre Channel),this class will show how an attacker can redirect,then copy or even change information before it arrives at the destination!
  • Detect potential threats, how to defend and defeat them, and how to establish a solid foundation to build secure virtual data centers from the ground up.
  • Any regular user inside your network can take full control of your ESX hosts if they know the right exploits.
  • By taking control of your virtual environment a hacker could disable ALL your VMs at one time.
  • Prevent theft of confidential records, proprietary files, or sensitive information and ensure compliance with HIPPA, SOX, or STIG standards and regulations.

 

Who Should Attend

System Administrators and Security Administrators using virtualization software.

Prerequisites

Virtual Infrastructure 3.5 Ultimate Bootcamp® or equivalent. In lieu of hands-on classroom training, an in-depth knowledge of VMware’s ESX virtualization environment is required.

Course Outline

Section A - Primer and reaffirming our knowledge

 

  • Virtual Networking Concepts for ESX Administrators
  • ESX Networking Components
  • How Virtual Ethernet Adapters actually work.
  • How Virtual Switches work
    • Similiarities & Differences of VSwitches & Physical Switches
    • Spanning Tree Protocol -- Not Needed?
    • VSwitch Isolation
    • Virtual Ports, Uplink Ports, PortGroups
    • Virtual Switch Correctness

VLANs in VMware Infrastructure

NIC Teaming

  • Load Balancing & Fail Over Configurations

Layer 2 Security Features

Managing the Virtual Network

Section B - Roll up your sleeves to more in-depth knowledge of how VMware Operates and How to secure it

How Traffic Routes between VM's on an ESX Host

  • Different vSwitches, same port group and VLAN
  • Same vSwitch, different port group and VLAN
  • Same vSwitch, same port group and VLAN - (HOL)

Security Design of VMWare Architecture

  • VMware Infrastructure Architecture & Security
  • Virtualization Layer (CPU & Memory Virtualization)
  • Virtual Machines - (HOL)
  • Service Console
    • Physical Console
      • Remote Access Devices - DRAC
      • SSH Security, sudo - (HOL)
  • Virtual Networking Layer, Switches, and Switch LANs

Security Design of VMWare Architecture (con)

  • Virtual Ports
  • Virtual Network Adapters
  • Virtual Switch Isolation & Correctness
  • Virtualized Storage
  • SAN & iSCSI Security
  • VMware Virtual Center

VMWare in a DMZ

  • Virtualized DMZ Networks
  • 3 Typical Virtualized DMZ Configurations
  • Partially Collapsed DMZ with Separate Physical Trust Zones
  • Partially Collapsed DMZ with Virtual Separation of Trust Zones
  • Fully Collapsed DMZ
  • Best Practices for Achieving a Secure Virtualized DMZ Deployment
  • Harden and Isolate the Service Console
  • Clearly Label Networks for each Zone within the DMZ
  • Set Layer 2 Security Options on Virtual Switches
  • Enforce Separation of Duties
  • Use ESX Resource Management Capabilities
  • Regularly Audit Virtualized DMZ Configuration

Hardening your ESX Server

  • Scan your ESX Server for Vulnerabilities - (HOL)
  • Tripwire Config Checker
  • Hardening Virtual Machines, Machine Files and Settings - (HOL)
  • Configuring the Service Console in ESX 3.5 - (HOL)
  • Configuring Host-level Management in ESXi 3.5 - (HOL)
  • Configuring the ESX/ESXi Host - (HOL)
  • Virtual Center and Add on Components
  • Client Components

Logs that should be audited

  • STools to audit logs, SAuditing ESXi
  • SViewing Log files - (HOL)

ESX and X.500 Directory Integration

  • SAD, SLDAP

Certificates

  • Certificate Use in the ESX Environment
  • Install a trusted certificate - (HOL)