Complete Hands-On Help for Securing VMware vSphere and Virtual Infrastructure by Edward Haletky, Author of the Best Selling Book on VMware, VMware ESX Server in the Enterprise
As VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms, including the new cloud computing platform, vSphere.
This book reflects the same hands-on approach that made Haletky’s VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn’t just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem.
VMware vSphere and Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures.
Coverage includes
• Viewing virtualization from the attacker’s perspective, and understanding the new security problems it can introduce
• Discovering which security threats the vmkernel does (and doesn’t) address
• Learning how VMsafe enables third-party security tools to access the vmkernel API
• Understanding the security implications of VMI, paravirtualization, and VMware Tools
• Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more
• Protecting clustered virtual environments that use VMware High Availability, Dynamic Resource Scheduling, Fault Tolerance, vMotion, and Storage vMotion
• Securing the deployment and management of virtual machines across the network
• Mitigating risks associated with backup, performance management, and other day-to-day operations
• Using multiple security zones and other advanced virtual network techniques
• Securing Virtual Desktop Infrastructure (VDI)
• Auditing virtual infrastructure, and conducting forensic investigations after a possible breach
informit.com/ph | www.Astroarch.com
Table of Contents:
1 WHAT IS A SECURITY THREAT? 1
The 10,000 Foot View without Virtualization 2
The 10,000 Foot View with Virtualization 4
Applying Virtualization Security 5
Definitions 10
Threat 11
Vulnerability 11
Fault 11
The Beginning of the Journey 12
2 HOLISTIC VIEW FROM THE BOTTOM UP 15
Attack Goals 16
Anatomy of an Attack 17
Footprinting Stage 17
Scanning Stage 17
Enumeration Stage 19
Penetration Stage 21
Types of Attacks 23
Buffer Overflows 23
Heap Overflows 31
Web-Based Attacks 33
Layer 2 Attacks 41
Layer 3 Nonrouter Attacks 46
DNS Attacks 47
Layer 3 Routing Attacks 49
Man in the Middle Attack (MiTM) 51
Conclusion 57
3 UNDERSTANDING VMWARE VSPHERE AND VIRTUAL INFRASTRUCTURE SECURITY 59
Hypervisor Models 59
Hypervisor Security 60
Secure the Hardware 61
Secure the Management Appliance 62
Secure the Hypervisor 63
Secure the Management Interfaces 81
Secure the Virtual Machine 89
Conclusion 89
4 STORAGE AND SECURITY 91
Storage Connections within the Virtual Environment 92
Storage Area Networks (SAN) 93
Network Attached Storage (NAS) 95
Internet SCSI (iSCSI) Servers 96
Virtual Storage Appliances 96
Storage Usage within the Virtual Environment 97
VM Datastore 98
Ancillary File Store 98
Backup Store 99
Tape Devices 100
Storage Security 102
Data in Motion 103
Data at Rest 104
Storage Security Issues 104
VCB Proxy Server 104
SCSI reservations 106
Fibre Channel SAN (Regular or NPIV) 108
iSCSI 110
NFS 111
CIFS for Backups 112
Shared File Access over Secure Shell (SSH) or Secure Copy Use 113
FTP/R-Command Usage 115
Extents 115
Conclusion 116
5 CLUSTERING AND SECURITY 117
Types of Clusters 117
Standard Shared Storage 118
RAID Blade 122
VMware Cluster 123
Virtual Machine Clusters 125
Security Concerns 125
Heartbeats 127
Isolation 133
VMware Cluster Protocols 140
VMware Hot Migration Failures 141
Virtual Machine Clusters 142
Management 143
Conclusion 145
6 DEPLOYMENT AND MANAGEMENT 147
Management and Deployment Data Flow 148
VIC to VC (Including Plug-Ins) 148
VIC to Host 152
VC webAccess 153
ESX(i) webAccess 154
VI SDK to VC 154
VI SDK to Host 156
RCLI to Host 156
RCLI to VC 156
SSH to Host 156
Console Access 157
Lab Manager 157
Site Manager 157
LifeCycle Manager 158
AppSpeed 158
CapacityIQ 158
VMware Update Manager 158
Management and Deployment Authentication 158
Difference Between Authorization and Authentication 159
Mitigating Split-Brain Authorization and Authentication 162
Security of Management and Deployment Network 184
Using SSL 184
Using IPsec 189
Using Tunnels 189
Using Deployment Servers 190
Security Issues during Management and Deployment 191
VIC Plug-ins 192
VMs on the Wrong Network 193
VMs or Networks Created Without Authorization 194
VMs on the Wrong Storage 195
VMs Assigned to Improper Resource Pools 196
Premature Propagation of VMs from Quality Assurance to Production 196
Physical to Virtual (P2V) Crossing Security Zones 196
Conclusion 198
7 OPERATIONS AND SECURITY 199
Monitoring Operations 199
Host Monitoring 200
Host Configuration Monitoring 202
Performance Monitoring 203
Virtual Machine Administrator Operations 204
Using the Wrong Interface to Access VMs 204
Using the Built-in VNC to Access the Console 205
Virtual Machine Has Crashed 211
Backup Administrator Operations 211
Service Console Backups 212
Network Backups 213
Direct Storage Access Backups 213
Virtual Infrastructure Administrator Operations 214
Using Tools Across Security Zones 214
Running Commands Across All Hosts 215
Management Roles and Permissions Set Incorrectly 216
Conclusion 217
8 VIRTUAL MACHINES AND SECURITY 219
The Virtual Machine 219
Secure the Virtual Hardware 220
Secure the Guest OS and Application 239
Secure the Hypervisor Interaction Layer 241
Virtual Machine Administration 252
Virtual Machine Creation 253
Virtual Machine Modification 253
Virtual Machine Deletion 254
Conclusion 254
9 VIRTUAL NETWORKING SECURITY 255
Virtual Networking Basics 256
Basic Connections 256
802.1q or VLAN Tagging 268
Security Zones 271
Standard Zones 273
Best Practices 277
Virtualization Host with Single or Dual pNIC 278
Three pNICs 280
Four pNICs 284
Five pNICs 289
Six pNICs 295
Eight pNICs 302
Ten pNICs 304
pNIC Combination Conclusion 304
Cases 305
DMZ on a Private vSwitch 305
Use of Virtual Firewall to Protect the Virtualization Management Network 307
VMware as a Service 307
Tools 310
Intrusion Detection and Prevention 310
Auditing Interfaces 311
Conclusion 314
10 VIRTUAL DESKTOP SECURITY 315
What Is VDI? 315
Components 316
VDI Products 317
VDM 318
VDM’s Place in the Network 318
The VDM Connection Server 319
The VDM Client 319
The VDM Web Access Client 320
The VDM Agent for Virtual Desktops 321
Security Implications 322
VMware View 324
Linked Clones: What Are They and How Do They Change Security? 324
Storage Overcommit 326
Overview of Linked Clones 326
Protecting the VC 328
Offline Desktops 329
SSL in a VDM or View Environment 333
Secure VDI Implementation 338
Secure the Virtual Desktop 341
Conclusion 342
11 SECURITY AND VMWARE ESX 343
VMware ESXi Hardening Recipe 345
VMware ESX Hardening Recipe 349
Step 1: Root Password 355
Step 2: Shadow Password 355
Step 3: IPtables Firewall 355
Step 4: Lockdown by Source IP 357
Step 5: Run Security Assessments 360
Step 6: Apply Hardening per Assessments 367
Step 7: Additional Auditing Tools 388
Conclusion 394
12 DIGITAL FORENSICS AND DATA RECOVERY 397
Data Recovery 398
Data Recovery–Host Unavailable 399
Data Recovery–Corrupt LUN 400
Data Recovery–Re-create LUN 406
Data Recovery–Re-create Disk 407
Digital Forensics 408
Digital Forensics–Acquisition 408
Digital Forensics–Analysis 422
Digital Forensics–Who Did What, When, Where, and How? 426
Conclusion 428
CONCLUSION: JUST THE BEGINNING: THE FUTURE OF VIRTUALIZATION SECURITY 431
A PATCHES TO BASTILLE TOOL 435
B SECURITY HARDENING SCRIPT 441
C ASSESSMENT SCRIPT OUTPUT 465
CIS-CAT Output 465
Bastille-Linux Output 470
DISA STIG Output 475
Tripwire ConfigCheck Output 496
D SUGGESTED READING AND USEFUL LINKS 499
Books 499
Whitepapers 500
Products 501
Useful Links 502
GLOSSARY 503
INDEX 507
