• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

Lunarline offers the comprehensive and detailed hands-on training for students who want to gain an understanding of securing a VMWare vSphere/ESXi© environment. Our training is based upon our experience in building and securing ESXi systems and virtual hosts for deployment in DOD enclaves based on current DIACAP and DISA STIG/Checklist requirements. This course is focused on a series of hands-on activities that will provide active learning in the security and securing of virtual machines and hosts. Upon completion, students will be able to apply the concepts and ensure that their organization can implement a new, secure virtual environment or apply appropriate security controls to an existing virtual environment.

Learning Objectives

  • Overview of vSphere? Security
    • Virtualization Basis
    • vSphere Concepts and Features
    • Hypervisor Models
    • Hypervisor Security
    • Threat and Vulnerability Overview
      • Hypervisor
      • Guest OS
      • Network
      • Storage
      • Physical
    • vSphere Security Features Overview
      • vCenter Server Systems and Services
      • Securing Virtual Machines
      • Securing the Virtual Networking Layer
    • Passwords
  • Overview of Security for ESXi? Systems
    • Host Configuration Settings and Profiles
      • Console Options
      • GUI Options
      • Host Services
      • Host Firewall
    • vShield
    • vShield Edge
    • vShield Endpoint
    • vShield Data Security
  • Lockdown Mode
    • Lockdown Overview
    • Lockdown Mode Behavior
    • Enable and Disable Lockdown Mode
    • Specifying Accounts with Access Privileges
  • ESXi? Authentication and User Management
    • Assigning Permissions for ESXi
    • Using Active Directory to Mange ESXi Users
    • vSphere Authentication Proxy
    • Smart Card Authentication
    • Securing Network Storage
    • Securing Virtual Network
    • Security and Clustering
  • vCenter? Server Authentication and User Management
    • vCenter Single Sign-On
      • Architecture and Components
      • Active Directory Authentication
      • Identity Sources
    • vSphere Permissions and User Management Tasks
  • Securing Virtual Machines
    • vSphere ESXi 6.0 STIG
    • vSphere vCenter Server Version 6 STIG
    • vSphere Virtual Machine Version 6 STIG
    • vSphere 6.0 Hardening Guide
  • Security vCenter? Server Systems
    • Permissions on Server Inventory Objects
    • Permission Inheritance
    • Control MOB Access
    • Platform Services Controller
  • Best Practices for Virtual Machine and Host Security
    • ESXi Host
    • vCenter Server System
    • Virtual Machine
    • vSphere Networking
    • Virtualization Host with pNIC Combinations
    • Tools

Framework Connections