Top Virtualization Security Links

From AstroArch

Back to the Virtualization Wiki...

To add or comment upon something on this page please email me, send a Private Message using the VMware Communities Forum, append a comment to Top VMware security links Blog Post, or contact me on Twitter.

Contents 1 Books 2 Articles - Whitepapers - Blog Posts 3 General Resources 4 Capacity Planning 5 ESX/ESXi 6 vCenter 7 Products 8 Customer Stories 9 Ongoing Discussions 10 Comments 11 George said ...

Books

• Edward L. Haletky. VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment, Prentice Hall PTR; 1 edition (June, 2009).
• Edward L. Haletky. VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers. Prentice Hall PTR; 1 edition (January 8, 2008). Available from InformIT.com
• Ron Oglesby, Scott Herold, Mike Laverick. VMware Infrastructure 3: Advanced Technical Design Guide & Advanced Operations Guide. The Brian Madden Company; Second edition edition (August 1, 2008).
• Himanshu Dwivedi. Securing Storage: A Practical Guide to SAN and NAS Security. Addison-Wesley Professional (November 21, 2005).
• Michael Howard, David LeBlanc, John Viega. 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. McGraw-Hill Osborne Media; 1 edition (September 3, 2009).
• Gregory N. Purdy. LINUX iptables Pocket Reference. O'Reilly Media Inc; 2004.
• Dan Farmer, Wietse Venema. Forensic Discovery. Addison-Wesley Professional; 1 edition (January 9, 2005).
• Cheswick, Bellovin. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional; 1994.
• W. Richard Stevens. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Professional; US ed edition (January 10, 1994).

Articles - Whitepapers - Blog Posts

• If you aren’t asking “what if” now you’ll be asking “why me” later by Lori MacVittie. As /Hoff said, Excellent.
• CPNI Technical Note 1/2009: Security Considerations for Server Virtualisation CPNI is the Centre for the Protection of National Infrastructure out of the UK.
• Virtualization & Security: Real Threats to Virtual Systems. Hakin9: Hard Core IT Security Magazine, June 2008, pp 54-58.
• Choose the right encrypted filesystem, Linux Pro Magazine, Issue 72, November 2006, pp 22-31. (Linux VM Centric)

General Resources

• Web Wise World Tutorial - Virtualization Security Tutorial
• VMware Security Center
• VMware Security in a Virtualized Environment
• VMware Compliance Center
• Evaluation Assurance Level 4 (EAL4)
• FIPS 140-2 for ACE

Capacity Planning

• Using Capacity Planner without Internet or if you need to change Data for Security Reasons

ESX/ESXi

For best effect, read these in the following order:

• VMware Virtual Networking Concepts
• VMware ESX Server 3: 802.1Q VLAN Solutions
• VMware ESX Server 3: IPV6 Support
• How Traffic Routes between VMs on ESX Hosts
• VMware VI3 in a Cisco Environment
• Security Design of the VMware 3 Architecture
• DMZ Virtualization with VMware Infrastructure
• Tripwire Whitepaper: Virtualization Security Risks (note: requires registration to access)
• Connections and Ports in ESX & ESXi as well as HTML version
• VMware Infrastructure 3 Hardening
• CISecurity VMware ESX Security Benchmark followed by the CISecurity Linux Benchmark
• DISA STIG (ESX STIG depends on the UNIX STIG)
  • VMware Communities thread on ESX_SRRSecure - Script to allow ESX to pass a DISA Security Readiness Review.
  • UNIX STIG
  • ESX STIG
• Proven Practice: VI3 Security Risk Assessment - Xtravirt.com
• Remote Authentication - Full/Partial AD Integration, Secure LDAP, NIS, ...

vCenter

• Replacing VirtualCenter Server Certificates
• Managing VMware VirtualCenter Roles and Permissions

Products

• Catbird V-Security (Request a Free Trial and Evaluator’s Guide)
• Reflex Systems (previously Reflex Security)
• Tripwire - Tripwire Configcheck
• ConfigureSoft - ConfigureSoft Complaince Checker for ESX
• Strong Virtualization Support from McAfee Products
• Check Point Security Virtualization (VPN-1 VE)
• Third Brigade VM Protection

Customer Stories

• NSA

Ongoing Discussions

• VMware Communities Security and Compliance Forum
• Texiwill's Virtualization Wiki/Blog Roll
• Chris Hoff's Rational Survivability Blog
• VI: OPS Security Community
• VMware Security Blog
• VIOPs Top 100 Questions
• Tripwire's Virtualization Security Blog
• Greg Ness' Business, Technology, and Leverage: Virtualization, Security, Networking, and Cloud Computing Blog
• Pete Lindstrom's Spire Security Viewpoint

To add or comment upon something on this page please email me, send a Private Message using the VMware Communities Forum, append a comment to Top VMware security links Blog Post, or contact me on Twitter.

Comments

George said ...

Back to the Virtualization Wiki...