Average Reviews:
(More customer reviews)Are you looking to buy VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment? Here is the right place to find the great deals. we can offer discounts of up to 90% on VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment. Check out the link below:
>> Click Here to See Compare Prices and Get the Best Offers
VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment ReviewIn the first half of this year (2009), I was involved on extending my previous research on virtualization security, and specifically, I focused on securing and hardening VMware ESX environments. This stirred up my interest on this book. To sum up what this book is all about: "I would have loved to have this book handy back by that time, as it would have saved me tons of time" Instead, I had to read and compare multiple VMware security guides from VMware, CIS, NIST, etc, and perform an extensive hands-on research on my own.The book offers a very solid and broad analysis of multiple security issues on virtual environments, covering not only the technical aspects associated to the virtualization hosts, virtual machines, and virtual data and storage networks, but also management and operational issues, availability concerns, and other common related tasks on newly deployed, or already established, virtualization setups.
The first two chapters focus on security threats and attacks, a basic foundation required for the cross-references available throughout the book,that can be skipped by the on-the-field security readers.
The next three chapters focus on offering best practices and security recommendations for different key components of any virtualization platform, such as the hypervisor, the storage network, and virtual clusters. The next couple of chapters cover most of the security aspects that must be considered on the design, deployment and operation of a virtual environment.
Although all these chapters provide a very good quality security advice, it is not complemented with hands-on examples. I think this could be improved by adding more detailed sections describing step-by-step how to complete the security recommendations exposed, not just what need to be done. However, I understand it is required to cut the size of the book at some point. A good example of how to extend this idea can be observed on chapter 6, where the integration between VMWare ESX and a directory service is covered in depth.
However, both the technical and operational aspects are integrated smoothly, offering a great in-depth overview. Apart from that, the whole recommended list of things to consider in order to get a more secure virtualization infrastructure is summarized in a useful set of boxes called "Security Notes" and spread all throughout the book. These boxes can be easily used as a checklist when deploying or assessing the security of virtual solutions.
My favourite chapters are chapter 8, and specially 9, where virtual machine and virtual networking security is analyzed, respectively. Chapter 9 offers a whole set of networking scenarios and discusses pros and cons to the number of (physical and virtual) network cards and its configuration. A very practical and thorough work!
The book ends up with three special chapters. Chapter 10 covers the new VMware virtual desktop infrastructure (VDI) and the security issues around it. Due to all the client-based attacks nowadays, most probably it is going to be a de-facto standard pretty soon, so getting involved on the virtualization of client systems is a must. Chapter 11 provides a detailed guide to harden VMware ESX and ESXi hosts, a mandatory initial process for every new virtual deployment. Finally, chapter 12 provides a quick and interesting introduction to digital forensics (and data recovery) on virtual enviroments, mainly focused on how to deal with virtual file systems, such as VMFS, VMDKs, and raw disks. A quick recommended read for forensic analysts interested on expanding their skills to virtual victims.
There are a few things I feel will improve the book contents. Unfortunately, due to the publication deadline, its coverage of the latest VMware vSphere virtual architecture is pretty limited, as the author clarifies. Besides that, considering the frequent security updates and patches released by virtualization vendors, I would have liked to find a better coverage of best practices to update the virtual infrastructure itself. Finally, as mentioned previously, about half of the book includes detailed how-to sections describing how to apply the recommended settings, but the other half misses that how-to portion. I understand this may be a limitation to make the book size manageable (it's over 500 pages now).
This book is highly recommended for IT and security architects, involved in the design of new virtual solutions, as well as virtualization administrators and anyone in charge of the maintenance of a virtual infrastructure. From a security perspective, people evaluating, assessing, and suggesting improvements for virtual solutions should read the book in order to have a full overview of all the security threats and possible countermeasures. Overall, the book is a must read for anyone already involved, or planning to get involved, in virtualization. It really helps to acquire a very broad and extensive knowledge of the security considerations that apply to such a complex and modern IT architectures.
VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment OverviewComplete Hands-On Help for Securing VMware vSphere and Virtual Infrastructure by Edward Haletky, Author of the Best Selling Book on VMware, VMware ESX Server in the EnterpriseAs VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms, including the new cloud computing platform, vSphere.This book reflects the same hands-on approach that made Haletky's VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn't just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem. VMware vSphere and Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures. Coverage includes• Viewing virtualization from the attacker's perspective, and understanding the new security problems it can introduce• Discovering which security threats the vmkernel does (and doesn't) address• Learning how VMsafe enables third-party security tools to access the vmkernel API• Understanding the security implications of VMI, paravirtualization, and VMware Tools• Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more• Protecting clustered virtual environments that use VMware High Availability, Dynamic Resource Scheduling, Fault Tolerance, vMotion, and Storage vMotion• Securing the deployment and management of virtual machines across the network• Mitigating risks associated with backup, performance management, and other day-to-day operations• Using multiple security zones and other advanced virtual network techniques• Securing Virtual Desktop Infrastructure (VDI)• Auditing virtual infrastructure, and conducting forensic investigations after a possible breachinformit.com/ph www.Astroarch.com
Want to learn more information about VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment?
>> Click Here to See All Customer Reviews & Ratings Now
0 comments:
Post a Comment