O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

VMware vCloud Security

Book Description

If you’re familiar with Vmware vCloud, this is the book you need to take your security capabilities to the ultimate level. With a comprehensive, problem-solving approach it will help you create a fully protected private cloud.

  • Take away an in-depth knowledge of how to secure a private cloud running on vCloud Director
  • Enable the reader with the knowledge, skills, and abilities to achieve competence at building and running a secured private cloud
  • Focuses on giving you broader view of the security and compliance while still being manageable and flexible to scale

In Detail

Security is a major concern, in particular now that everything is moving to the cloud. A private cloud is a cloud computing platform built on your own hardware and software. The alternative is to deploy the services you need on a public cloud infrastructure provided by an external supplier such as Amazon Web Services, Rackspace Cloud, or HP Public Cloud. While a public cloud can afford greater flexibility, a private cloud gives you the advantage of greater control over the entire stack.

"VMware vCloud Security" focuses on some critical security risks, such as the application level firewall and firewall zone, virus and malware attacks on cloud virtual machines, and data security compliance on any VMware vCloud-based private cloud. Security administrators sometimes deploy its components incorrectly, or sometimes cannot see the broader picture and where the vCloud security products fit in. This book is focused on solving those problems using VMware vCloud and the vCloud Networking and Security product suite, which includes vShield App, vShield Endpoint, and vShield Data Security.

Ensuring the security and compliance of any applications, especially those that are business critical, is a crucial step in your journey to the cloud. You will be introduced to security roles in VMware vCloud Director, integration of LDAP Servers with vCloud, and security hardening of vCloud Director. We’ll then walk through a hypervisor-based firewall that protects applications in the virtual datacenter from network-based attacks. We’ll create access control policies based on logical constructs such as VMware vCenter Server containers and VMware vShield security groups but not just physical constructs, such as IP addresses. You’ll learn about the architecture of EPSEC and how to implement it. Finally, we will understand how to define data security policies, run scans, and analyze results.

Table of Contents

  1. VMware vCloud Security
    1. Table of Contents
    2. VMware vCloud Security
    3. Credits
    4. Foreword
    5. About the Author
    6. Acknowledgement
    7. About the Reviewers
    8. www.PacktPub.com
      1. Support files, eBooks, discount offers and more
        1. Why Subscribe?
        2. Free Access for Packt account holders
        3. Instant Updates on New Packt Books
    9. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Errata
        2. Piracy
        3. Questions
    10. 1. Installation and Configuration of vCloud Director
      1. VMware vCloud Director architecture
      2. vCloud management and resource clusters
      3. vCloud Director installation prerequisites
        1. Preparing for installation
        2. Installing vCloud Director
          1. Prerequisites
        3. vCloud Director setup
      4. vCloud Director security
      5. Directory (LDAP) services integration
      6. Auditing and logging
      7. Summary
    11. 2. Securing Your vCloud Using the vCloud Networking and Security App Firewall
      1. vCloud Networking and Security App Firewall – use case
      2. vCloud Networking and Security App – communication flow
      3. Installing vCloud Networking and Security App
      4. vCloud Networking and Security App – firewall management
        1. Creating a vCloud Networking and Security App firewall rule
      5. vCloud Networking and Security App – flow monitoring
        1. Examining flow monitoring statistics
      6. Summary
    12. 3. Mitigating Threats Using vShield Endpoint Security
      1. EPSEC – use case
      2. EPSEC – key benefits
      3. vShield Endpoint architecture
      4. vShield Endpoint components and intercommunication
      5. vShield Endpoint prerequisites
      6. Installing vShield Endpoint
        1. Enable logging on the guest VM
      7. vShield Endpoint – health monitoring
      8. Summary
    13. 4. Overview of VMware vCloud Networking and Security Data Security
      1. vCloud Networking and Security Data Security architecture
      2. vCloud Networking and Security Data Security installation
      3. Defining the vCloud Networking and Security Data Security policy
      4. Scanning statistics and reports
      5. Summary
    14. Index