VM-345: VMware Infrastructure Security: VMware Install, Configure, and Manage with Security Objectives

 

Course Overview:

This course explores the VMware Infrastructure and related security, which consists of VMware ESX Server & VMware Virtual Center Server. We will look at both the design environments and operational processes of the VMware Infrastructure including security. This course provides IT architects with the insight needed to tackle tough issues in server virtualization such as virtual machine technologies, storage infrastructure, and designing clustered environments with security practices included. Extensive hands-on labs provide for a rich student experience.

Hypervisors and their supporting environment require attention to security due to the aggregated risk of hosting multiple virtual servers. This course explores the security of virtualized environments. Student configure ESXi by learning to manage the security and risk between ESXi, virtual servers and security integration of ESXi to the physical network infrastructure including appropriate segregation from other sensitive networks and management networks. How to configure virtual networks when some hosts are dual or multi homed, but internally segregate between the two or more connected networks with different security levels. Appropriate integration of zero-clients and thin clients. Configuration of defensive measures on hosts, servers, hypervisors within the virtual environment and practices for those guarding it externally. Integration of Active Directory and other AAA/CIA related services relative to a virtualized environment.

Students are also walked through DoD ESXi Security Technical Implementation Guide (STIG). Introduction to the impact of Intel Trusted Execution Technology integrated with ESXi to create a trusted platform for virtual machines. Additionally the instructor walks the students through NIST Special Publication 800-125A: Security Recommendations for Hypervisor Deployment on Servers, and NIST Special Publication 800-125B: Secure Virtual Network Configuration for Virtual Machine (VM) Protection.

Attendees to “VM-345: VMware Infrastructure Security: VMware Install, Configure, and Manage with Security Objectives” will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

• Virtual Infrastructure Overview
• ESX and ESXi Server Installation
• Configuration of Networking, Scalability and Security
• Storage
• Install and Configure vCenter Server and Components
• Creation, Deployment, Management, and Migration of Virtual Machines
• Utilize vCenter Server for Resource Management
• Utilize vCenter Server for Virtual Machine Access Control and User Managment
• Use vCenter Server to increase scalability
• Monitoring Your Environment
• Data & Availability Protection Troubleshooting
• Use VMware vCenter Update Manager to apply ESXi patches
• Use vCenter Server to manage vMotion, HA, DRS and data protection.

Observations of Instructor Led Training with Real Hardware

TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do.  While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course.  His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.

A large percentage of training is moving to the virtualized/remote lab environments.  Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs.  There were either network connectivity issues, or issues with the remote access software, or other problems.  The whole training experience was very frustrating and not productive.

We keep our labs open to students if they would like after hours, or before hours access.  Repeatedly going through a lab engrains that knowledge for later recall.  Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port.  There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration.  These disaster scenarious requires hands-on physical access to hardware.  Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.

Security Course Flow

We are often asked what is the recommended sequence of classes.  Here is our recommended sequence of classes for The Security Field.

Certified Information Security Manager (CISM)

CT-325 CompTIA Security+ Arrowright TN-825 Certified Information Security Manager

Certified Information Systems Auditor(CISA)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-822: Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional(CISSP)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-815 CISSP Certification Prep Seminar