VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment (Paperback)

Edward Haletky



Complete Hands-On Help for Securing VMware vSphere and Virtual Infrastructure by Edward Haletky, Author of the Best Selling Book on VMware, VMware ESX Server in the Enterprise


As VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms, including the new cloud computing platform, vSphere.


This book reflects the same hands-on approach that made Haletky’s VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn’t just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem.


VMware vSphere and Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures.

Coverage includes

•    Viewing virtualization from the attacker’s perspective, and understanding the new security problems it can introduce

•    Discovering which security threats the vmkernel does (and doesn’t) address

•    Learning how VMsafe enables third-party security tools to access the vmkernel API

•    Understanding the security implications of VMI, paravirtualization, and VMware Tools

•    Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more

•    Protecting clustered virtual environments that use VMware High Availability, Dynamic Resource Scheduling, Fault Tolerance, vMotion, and Storage vMotion

•    Securing the deployment and management of virtual machines across the network

•    Mitigating risks associated with backup, performance management, and other day-to-day operations

•    Using multiple security zones and other advanced virtual network techniques

•    Securing Virtual Desktop Infrastructure (VDI)

•    Auditing virtual infrastructure, and conducting forensic investigations after a possible breach



informit.com/ph      www.Astroarch.com


《VMware vSphere和虛擬基礎架構安全的完整實作指南》是Edward Haletky的著作,他也是暢銷書《VMware ESX Server in the Enterprise》的作者。

隨著VMware在企業中的普及,IT專業人員對於其安全性越來越關注。現在,領先的VMware專家Edward Haletky首次匯集了關於在所有VMware平台上識別和減輕與虛擬化相關的安全威脅的全面指導,包括新的雲計算平台vSphere。

這本書反映了Haletky的《VMware ESX Server in the Enterprise》在實務專業人士中非常受歡迎的實作方法。Haletky不僅揭示了可能存在的弱點,還告訴您確切應該做什麼以及如何重新配置基礎架構來解決問題。

《VMware vSphere和虛擬基礎架構安全》首先回顧了基本的伺服器漏洞,並解釋了VMware虛擬伺服器和相關產品的安全性差異。接下來,Haletky深入探討了VMware安裝的關鍵組件,識別了真實和理論的攻擊手法,並介紹了有效的對策。


- 從攻擊者的角度看虛擬化,並了解它可能引入的新安全問題
- 發現vmkernel可以(和不能)解決的安全威脅
- 了解VMsafe如何使第三方安全工具能夠訪問vmkernel API
- 理解VMI、半虛擬化和VMware Tools的安全影響
- 保護虛擬化存儲:身份驗證、磁碟加密、虛擬存儲網絡、隔離等
- 保護使用VMware High Availability、Dynamic Resource Scheduling、Fault Tolerance、vMotion和Storage vMotion的叢集虛擬環境
- 保護在網絡上部署和管理虛擬機器
- 減輕與備份、性能管理和其他日常操作相關的風險
- 使用多個安全區域和其他高級虛擬網絡技術
- 保護虛擬桌面基礎架構(VDI)
- 審計虛擬基礎架構,以及在可能發生入侵後進行法庭調查