Learn your way! Get started

Certified Virtualization Security Expert, Part 2 of 6: Routing and Security

with experts Duane Anderson, Tim Pierson

Watch trailer

Course at a glance

Included in these subscriptions:

Dev & IT Pro Video
Dev & IT Pro Power Pack

	Release date	4/16/2018
	Level	Intermediate
	Runtime	1h 56m
	Closed captioning	N/A
	Transcript	N/A
	eBooks / courseware	N/A
	Hands-on labs	N/A
	Sample code	N/A
	Exams	Included

Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More

Course description

This course takes a look at how traffic routs and from the perspective of the hacker and how to manipulate or inspect and change it. It then moves into VM's and ESX hosts on both the same switches or port groups. Then SAN security with both fiber channel and iSCSI, and zoning. It will finish up with Security features of iSCSI, authentication and the steps in securing it.

Prerequisites

This is part 2 of the series

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Virtualization Security Expert

Meet the experts

Duane has been working in the IT industry for over two decades. He has primarily focused on security related matters such as Penetration Testing and Forensics. He has appeared as an expert witness in multiple court hearings on IT related matters. Duane has worked for or with most US and some foreign military branches, U.S government agencies, banking and regulatory industries and Fortune 500 companies. Duane contributed to the coordination and execution of IT counter-hacking & security courses for the US Marine Corps, US Army, US Air Force, U.S. Treasury, Sprint, IBM, Washington Mutual and Service Canada.

Tim one of the World’s leading trainers in technology,
networks, virtualization and, applications. He has been a technical trainer and consultant for security and virtualization for the past 25 years. He has 29 industry technical certifications from CISCO, Microsoft and Novell. Tim has been a noted speaker at many industry events such as Infosec World 2010, Innatech and GISSA. He is a contributing author of VMware vSphere and Virtual Infrastructure Security Securing ESX in the Virtual Environment.

Course outline

Virtualization

The Virtualization Layer (27:36)

Introduction (00:25)
How Traffic Routes between VMs on ESX Hosts (02:01)
Different vSwitches, Same Port Group and VLAN (01:43)
Same vSwitch, Different Port Group and VLAN (01:58)
VMWare Security Design (03:27)
VMWare Infrastructure Architecture and Security (00:33)
The Virtualization Layer (01:27)
Virutalization Layer Continued (04:03)
More Virtualization Layer (02:42)
CPU Virtualization (03:34)
Normal Operation (02:23)
Buffer Overflow (03:06)
Summary (00:08)

Page Sharing and Isolation (26:18)

Introduction (00:08)
CPU Virtualization (10:42)
Memory Virtualization (03:05)
Transparent Page Sharing (00:59)
VMware's Transparent Page Sharing (04:58)
Cloud Burst (03:39)
VM Isolation (01:32)
Protecting VMs (01:03)
Summary (00:08)

Virtual Switches and Ports (27:03)

Introduction (00:08)
Service Console (03:08)
Risk Mitigation in the Service Console (00:58)
Virtual Networking Layer and Virtual Switches (01:08)
Virtual Switch VLANs and (02:39)
Demo: Tagging VLANs (05:04)
Benefits of VLANs (01:29)
Tagging VLANs (02:16)
Virtual Ports (01:51)
Virtualized Storage (01:31)
VMware VirtualCenter (02:09)
VirtualCenter Certificate (01:59)
VMWare VirtualCenter Continued (02:29)
Summary (00:08)

Remote Data Store Security (35:41)

Introduction (00:08)
Zoning and Lun Masking (03:14)
Zoming and Lun Masking Continued (02:18)
Port Zoning (01:11)
Hard, Soft, and WWN Zoning (02:22)
Fibre Channel (01:19)
DH-CHAP (02:20)
ESP over Fibre Channel (00:38)
Fibre Channel Attacks: The Basics (03:34)
Steps in Securing Fibre Channel (02:20)
iSCSI vs. Fibre Channel (01:46)
ESX/ESXi and iSCSI SAN Environment and Addressing (01:48)
Hardware vs. Software Initiators (03:44)
Demo: Security Settings (02:44)
IPSec (03:17)
Securing iSCSI Devices (02:43)
Summary (00:08)