Top Virtualization Security Links
From AstroArch
Back to the Virtualization Wiki...
To add or comment upon something on this page please email me, send a Private Message using the VMware Communities Forum, append a comment to Top VMware security links Blog Post, or contact me on Twitter.
Contents |
Books
- Edward L. Haletky. VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment, Prentice Hall PTR; 1 edition (June, 2009).
- Edward L. Haletky. VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers. Prentice Hall PTR; 1 edition (January 8, 2008). Available from InformIT.com
- Ron Oglesby, Scott Herold, Mike Laverick. VMware Infrastructure 3: Advanced Technical Design Guide & Advanced Operations Guide. The Brian Madden Company; Second edition edition (August 1, 2008).
- Himanshu Dwivedi. Securing Storage: A Practical Guide to SAN and NAS Security. Addison-Wesley Professional (November 21, 2005).
- Michael Howard, David LeBlanc, John Viega. 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. McGraw-Hill Osborne Media; 1 edition (September 3, 2009).
- Gregory N. Purdy. LINUX iptables Pocket Reference. O'Reilly Media Inc; 2004.
- Dan Farmer, Wietse Venema. Forensic Discovery. Addison-Wesley Professional; 1 edition (January 9, 2005).
- Cheswick, Bellovin. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional; 1994.
- W. Richard Stevens. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Professional; US ed edition (January 10, 1994).
Articles - Whitepapers - Blog Posts
- If you aren’t asking “what if” now you’ll be asking “why me” later by Lori MacVittie. As /Hoff said, Excellent.
- CPNI Technical Note 1/2009: Security Considerations for Server Virtualisation CPNI is the Centre for the Protection of National Infrastructure out of the UK.
- Virtualization & Security: Real Threats to Virtual Systems. Hakin9: Hard Core IT Security Magazine, June 2008, pp 54-58.
- Choose the right encrypted filesystem, Linux Pro Magazine, Issue 72, November 2006, pp 22-31. (Linux VM Centric)
General Resources
- Web Wise World Tutorial - Virtualization Security Tutorial
- VMware Security Center
- VMware Security in a Virtualized Environment
- VMware Compliance Center
- Evaluation Assurance Level 4 (EAL4)
- FIPS 140-2 for ACE
Capacity Planning
ESX/ESXi
For best effect, read these in the following order:
- VMware Virtual Networking Concepts
- VMware ESX Server 3: 802.1Q VLAN Solutions
- VMware ESX Server 3: IPV6 Support
- How Traffic Routes between VMs on ESX Hosts
- VMware VI3 in a Cisco Environment
- Security Design of the VMware 3 Architecture
- DMZ Virtualization with VMware Infrastructure
- Tripwire Whitepaper: Virtualization Security Risks (note: requires registration to access)
- Connections and Ports in ESX & ESXi as well as HTML version
- VMware Infrastructure 3 Hardening
- CISecurity VMware ESX Security Benchmark followed by the CISecurity Linux Benchmark
- DISA STIG (ESX STIG depends on the UNIX STIG)
- Proven Practice: VI3 Security Risk Assessment - Xtravirt.com
- Remote Authentication - Full/Partial AD Integration, Secure LDAP, NIS, ...
vCenter
Products
- Catbird V-Security (Request a Free Trial and Evaluator’s Guide)
- Reflex Systems (previously Reflex Security)
- Tripwire - Tripwire Configcheck
- ConfigureSoft - ConfigureSoft Complaince Checker for ESX
- Strong Virtualization Support from McAfee Products
- Check Point Security Virtualization (VPN-1 VE)
- Third Brigade VM Protection
Customer Stories
Ongoing Discussions
- VMware Communities Security and Compliance Forum
- Texiwill's Virtualization Wiki/Blog Roll
- Chris Hoff's Rational Survivability Blog
- VI: OPS Security Community
- VMware Security Blog
- VIOPs Top 100 Questions
- Tripwire's Virtualization Security Blog
- Greg Ness' Business, Technology, and Leverage: Virtualization, Security, Networking, and Cloud Computing Blog
- Pete Lindstrom's Spire Security Viewpoint
To add or comment upon something on this page please email me, send a Private Message using the VMware Communities Forum, append a comment to Top VMware security links Blog Post, or contact me on Twitter.
Comments
George said ...
Back to the Virtualization Wiki...

EpiForce VM from Apani is also a superb addition for those who are looking for superset functionality (compared to vShield) including logical VM isolation, encryption and central security management across virtual and physical infrastructure.
--George 14:05, 2 June 2009 (EDT)