Title Change
VMware vSphereTM and Virtual Infrastructure Security: Securing the Virtual Environment
There are so many similarities between VMware vSphere and Virtual Infrastructure from a security perspective that we decided to change the title of the book. The book already covered VMsafe and other APIs, Distributed Virtual Switches, as well as other aspects of vSphere security. It seemed logical to change the title to reflect this.
Publish Date
June 2009 by Pearson Education
More Info about the Author
- Other Papers and Publications
- The Authors Blog
Contributing Authors
Tim Pierson who contributed the chapter on penetration testing.
Tom Howarth who contributed the chapter on Virtual Desktop Environments.
Order
- Order from InformIT
- Order from Amazon.com
- Available in eBook
Links to Articles/Interviews about Book
- Simon Seagraves of Techhead VMworld Interview
- Hany Michael aka HyperVizor Must Have Virtualization Books
- David Davis New Book- VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
- Eric Sloof VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment
- MSI::State of Security Book Review: VMware vSphere and Virtual Infrastructure Security
- vDestination vDestination’s Top 5 VMware Books List
Errata/Additions
- Lockdown by Source IP page 356In Step 4 of the Hardening script instead of creating a secondary firewall script when using VMware vSphere you can use the following style of esxcfg-firewall commands to let VMware vSphere manage the rules.
esxcfg-firewall --ipruleAdd 0.0.0.0/0,22,tcp,REJECT,"Block_SSH" esxcfg-firewall --ipruleAdd AdminIP,22,tcp,ACCEPT,"Allow_Admin_IP_SSH"
In addition to taking just an IP address, you can also use a subnet as seen by the block all rule. Order of the above rules is very important and you should review the rules to verify everything. See VMware Communities post How to configure service console firewall to only allow access from certain IPs?
Leave a comment