VMworld 2012: Securing the Virtual Environment: How to Defend the Enterprise OPS-CSM1209

Speakers: Davi Ottenheimer, Matthew Wallace. Book: Securing your Virtual Environment

This session was an overview of the security considerations to keep in mind when virtualizing your environment. In fact, most of the recommendations apply to physical IT systems as well. The speakers went through the 10 chapters of their book (link above) with a high-level summary.

  • Outsider Attack
    • Outsiders not necessarily unknown
    • Role-based access requires roles – Sometimes not enough roles provided
    • PKI is critical but fragile
    • Credentials are insufficiently strong
    • Log as much as you can
    • Log shells in particular
    • For Unix consider sshd ForceCommand to stop unauthorized tunnels
    • Only install software from trusted sources
    • Check package signatures
    • Use two-factor authentication for management tools
  • Making the Complex Simple
    • Panacea fixes gone horribly wrong – IDS not plugged in
    • Simple attack vectors – Unprotected wires
    • Do NOT ignore the vSphere client SSL certificate warning message. Fix this problem ASAP.
  • Abusing the Hypervisor
    • Risk is manageable
    • Log and monitor
    • Protect your end points
    • Load “tenant” VMs and try being promiscuous
    • Mount iSCSI targets or NFS shares
    • Port-scan yourself
    • Automate config checks – XCCDF and OVAL
  • Logging and Orchestration
    • No standard log format
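
On the sshd ForceCommand item above: ForceCommand pins the command an account runs, while forwarding is governed by separate sshd_config directives, so both need checking. The following is an added example, not material from the session or the book, that audits each Match block for that combination; the account names, paths and sample config are constructed.

```python
# Added example: report Match blocks in sshd_config text that can still tunnel.
# Assumes "Keyword value" lines (no "=" separator, no Include files).

# OpenSSH defaults for the forwarding directives when nothing is set.
DEFAULTS = {"allowtcpforwarding": "yes",
            "allowstreamlocalforwarding": "yes",
            "permittunnel": "no"}

SAMPLE = """\
# constructed sample, not a real host's config
AllowTcpForwarding yes

Match User backup
    ForceCommand /usr/local/bin/run-backup
    AllowTcpForwarding no
    AllowStreamLocalForwarding no
    PermitTunnel no

Match User deploy
    ForceCommand /usr/local/bin/deploy
"""

def parse(text):
    """Return {scope: {keyword: value}}; 'global' is everything before a Match."""
    scopes, current = {"global": {}}, "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            current = "global" if value.lower() == "all" else value
            scopes.setdefault(current, {})
        else:
            scopes[current].setdefault(key, value)  # sshd keeps the first value
    return scopes

def audit(text):
    """Return {match_block: [problems]}; an empty list means tunnels are closed."""
    scopes = parse(text)
    glob = scopes.pop("global")
    findings = {}
    for name, opts in scopes.items():
        problems = []
        if "forcecommand" not in opts and "forcecommand" not in glob:
            problems.append("no ForceCommand: user gets a shell")
        for key, default in DEFAULTS.items():
            value = opts.get(key, glob.get(key, default)).lower()
            if value != "no":
                problems.append(f"{key}={value}")
        findings[name] = problems
    return findings
```

In the sample, the `deploy` block is flagged because it sets ForceCommand but inherits the permissive forwarding settings.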