Description

This training will present you with a technical summary of the solutions to ensure the security of your virtualized environments: from the main weaknesses of virtualized architectures, to the optimal implementation of security solutions.

Who is this training for ?

For whom ?

Identify security threats in virtualized environments Understand attack typologies Secure the virtual datacenter, VMS servers and workstations Evaluate available tools and techniques

Prerequisites

• Basic knowledge of technical architectures (systems and networks) and IT security.

Training objectives

Identify security threats in virtualized environments

Understand attack typologies

Secure the virtual datacenter, VMS servers and workstations

Evaluate available tools and techniques

Training program

• Introduction to security
  • Security: reactive, proactive, predictive.
  • Internal and external threats.
  • Fields of application (servers, workstations, clients, applications) .
• Virtualization techniques
  • Context isolation, hyper-virtualization, para-virtualization.
  • Input/output (I/O) virtualization, classic and container.
  • Unikernel systems, microvisors.
• Safety in an industrial environment
  • The Reason model.
  • Organizations and disasters.
  • Backups, replications, PRA.
  • Trusted third parties, man in the attack middle.
• Security in a virtualized environment
  • Industrial advantages, risks.
  • The layers to monitor.
  • The Zero Trust security model, a new paradigm? Micro-segmentation.
  • Defense in depth.
  • Security areas: network, system, management, applications.
• Security with VMware
  • OSI layers.
  • VLANs, routing, virtual switches, VSS, VDS, N1KV, VXLAN and logical switches.
  • Service provider Certification Services, AD, LDAP, Nis, VMware NSX Edge.
  • System security principles: trust zones (dmz), password policies.
  • Encryption algorithms , public and private keys, self-signed certificates, trusted authority.
• VMware application security
  • Antivirus : VMsafe API, vShield Endpoint.
  • Cartographie applicative, gestion des fluxs.
  • Isolation : application sandboxing, containers.
  • VMware Photon, ieVM.
  • Protection des API.
• Prediction, prevention, detection and remediation
  • Tools overview (Nessus, Nmap, kali).
  • Intrusion detections and tests.
  • Logs, machine learning.
  • Behavioral analysis.
  • Risks and criticality: vCenter Operations (VMware).
  • Risk mapping.
  • Supervision and monitoring, alarms.
• Management security
  • ACL, simple authentication, roles and privileges.
  • Social engineering.
  • BYOD, Shadow IT (Rogue IT).
  • Virtual infrastructure hardening plan.
  • Management of updates and backups.