Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

Similar documents
Mitigating Information Security Risks of Virtualization Technologies

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

The growing importance of a secure Cloud environment

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE

Network Segmentation in Virtualized Environments B E S T P R A C T I C E S

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure

Recommended IP Telephony Architecture

Network Troubleshooting & Configuration in vsphere VMware Inc. All rights reserved

VMware vsphere-6.0 Administration Training

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Expert Reference Series of White Papers. VMware vsphere Distributed Switches

Network Access Control in Virtual Environments. Technical Note

Overcoming Security Challenges to Virtualize Internet-facing Applications

Shifting Roles for Security in the Virtualized Data Center: Who Owns What?

How To Set Up A Virtual Network On Vsphere (Vsphere) On A 2Nd Generation Vmkernel (Vklan) On An Ipv5 Vklan (Vmklan)

Lecture 02b Cloud Computing II

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc.

VMware vcloud Networking and Security Overview

CompTIA Cloud+ 9318; 5 Days, Instructor-led

CompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend:

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

Analysis of Network Segmentation Techniques in Cloud Data Centers

Virtualization System Security

5 Best Practices to Protect Your Virtual Environment

STREAM FRBC

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines

How To Extend Security Policies To Public Clouds

Vmware VSphere 6.0 Private Cloud Administration

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0

Secure Cloud-Ready Data Centers Juniper Networks

VMware ESX Server 3 Configuration Guide

Securing the Cloud. A Review of Cloud Computing, Security Implications and Best Practices W H I T E P A P E R

vsphere Private Cloud RAZR s Edge Virtualization and Private Cloud Administration

Expert Reference Series of White Papers. vcloud Director 5.1 Networking Concepts

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

PICO Compliance Audit - A Quick Guide to Virtualization

Nutanix Tech Note. VMware vsphere Networking on Nutanix

Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012

vsphere Security Update 1 ESXi 5.1 vcenter Server 5.1 EN

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Cisco Nexus 1000V Switch for Microsoft Hyper-V

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER

vsphere Security Update 1 ESXi 5.0 vcenter Server 5.0 EN

VMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic

vsphere Networking vsphere 5.5 ESXi 5.5 vcenter Server 5.5 EN

Sichere Virtualisierung mit VMware

Industrial Security for Process Automation

vshield Quick Start Guide

VMware vsphere Design. 2nd Edition

雲 端 發 展 與 安 全 趨 勢. 陳 建 宏 Jovi Chen 技 術 顧 問 2011 Check Point Software Technologies Ltd. [Unrestricted] For everyone

Meeting the Challenges of Virtualization Security

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

VMware: Advanced Security

Best Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software

Table of Contents. vsphere 4 Suite 24. Chapter Format and Conventions 10. Why You Need Virtualization 15 Types. Why vsphere. Onward, Through the Fog!

Remote PC Guide Series - Volume 1

VMware vsphere 5.1 Advanced Administration

Enterprise. ESXi in the. VMware ESX and. Planning Deployment of. Virtualization Servers. Edward L. Haletky

VMware vsphere 5.0 Boot Camp

VXLAN: Scaling Data Center Capacity. White Paper

What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant

Securing the Physical, Virtual, Cloud Continuum

Running a VSM and VEM on the Same Host

Security in the Software Defined Data Center

ALTERNATIVES FOR SECURING VIRTUAL NETWORKS

ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0

How To Secure Your System From Cyber Attacks

Hosted SharePoint: Questions every provider should answer

Security Solution Architecture for VDI

White Paper. Protect Your Virtual. Realizing the Benefits of Virtualization Without Sacrificing Security. Copyright 2012, Juniper Networks, Inc.

vsphere Networking vsphere 6.0 ESXi 6.0 vcenter Server 6.0 EN

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Effective Security Architecture for Virtualized Data Center Networks

Implementing and Troubleshooting the Cisco Cloud Infrastructure **Part of CCNP Cloud Certification Track**

Citrix XenServer Design: Designing XenServer Network Configurations

What s New with VMware Virtual Infrastructure

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Testing New Applications In The DMZ Using VMware ESX. Ivan Dell Era Software Engineer IBM

An Oracle White Paper April Network Isolation in Private Database Clouds

Securing the Service Desk in the Cloud

Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems

VMware vsphere 4.1 with ESXi and vcenter

Netzwerkvirtualisierung? Aber mit Sicherheit!

Developing Network Security Strategies

vshield Quick Start Guide

How to Create VLANs Within a Virtual Switch in VMware ESXi

Security Compliance in a Virtual World

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0

Network/Cyber Security

Nutanix Tech Note. Configuration Best Practices for Nutanix Storage with VMware vsphere

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

Transcription:

Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects Data Center Security How Do We Secure Our Internal Cloud?

How Virtualization Affects Datacenter Security Abstraction and Consolidation Capital and Operational Cost Savings New infrastructure layer to be secured Greater impact of attack or misconfiguration Collapse of switches and servers into one device Flexibility Cost-savings Lack of virtual network visibility No separation-by-default of administration 3

How Virtualization Affects Datacenter Security Faster deployment of servers IT responsiveness Lack of adequate planning Incomplete knowledge of current state of infrastructure Poorly Defined Procedures Inconsistent Configurations VM Mobility Improved Service Levels Identity divorced from physical location VM Encapsulation Ease of business continuity Consistency of deployment Hardware Independence Outdated offline systems Unauthorized Copy

How do we secure our Internal Cloud? Use the Principles of Information Security Hardening and Lockdown Defense in Depth Authorization, Authentication, and Accounting Separation of Duties and Least Privileges Administrative Controls

Securely Architecting Your Internal Cloud Creating Security Zones Physical or Virtual Segmentation? Separate vswitches vs. 802.1q VLANs Subzones Isolation of Management Interfaces Access Options to Management Network

Securely Architecting Your Internal Cloud Designing in Separation of Duties and Least Privilege Roles and Permissions Key Roles Network Administrator Storage Administrator VM Administrator Other? 3 rd Party Virtual Switches Library of Secure and Up to Data Templates True Gold Image Capability Resource Management Prevention of DoS

Securely Architecting Your Internal Cloud Hardening the Platform Hardening the Management Interfaces Follow Guidance VMware Hardening Guide STIG CIS Securing the VMs Auditing Administrator Activities Defense in Depth Security Tools for the Cloud Virtual Firewalls/IDS/IPS Offline AV Encryption Other?

Creating Security Zones Three Primary Configurations: Physical Separation of Trust Zones Virtual Separation of Trust Zone with Physical Security Devices Fully collapsing all servers and security devices into a VI3 infrastructure

Physical Separation of Trust Zones Advantages Simpler, less complex configuration Less change to physical environment Little change to separation of duties Less change in staff knowledge requirements Smaller chance of misconfiguration Disadvantages Lower consolidation and utilization of resources Higher cost

Virtual Separation of Trust Zones with Physical Security Devices Advantages Better utilization of resources Take Full Advantage of Virtualization Benefits Lower cost Disadvantages (can be mitigated) More complexity Greater chance of misconfiguration

Fully Collapsed Trust Zones Including Security Devices Advantages Full utilization of resources, replacing physical security devices with virtual Lowest-cost option Management of entire DMZ and network from a single management workstation Disadvantages (can be mitigated) Greatest complexity, which in turn creates highest chance of misconfiguration Requirement for explicit configuration to define separation of duties to help mitigate risk of misconfiguration; also requires regular audits of configurations Potential loss of certain functionality, such as VMotion (Being mitigated by vendors and VMsafe)

Secure Design for Virtualization Layer Fundamental Design Principles Isolate all management networks Disable all unneeded services Tightly regulate all administrative access 13

Providing an Isolated Locked Down Network Option 1: Maintain separate dedicated switches for network Provides strongest isolation Rapidly uses up NICs Greatly limits availability options

Providing an Isolated Locked Down Network Option 2: Maintain separate dedicated VLAN on shared vswitches Allows for greater redundancy for performance and availability Greater risk of misconfiguration Example (pictured) 2 x 2-NIC teams Production vswitch Mgmt vswitch: Active/Standby reversed for Mgmt, VMotion VLANs for portgroup separation vnic vnic vnic SC Production Mgmt vswitch1 vmnic1 2 3 4 Active Standby VMkernel VMotion vswitch2

Providing an Isolated Locked Down Network PVLAN (Private VLAN) Enables Layer-2 isolation between VMs on the same switch, even though they are on the same subnet Traffic from one VM forwarded out through uplink, without being seen by other VMs Communication between VMs on PVLANs can still occur at Layer-3 Benefits Scale VMs on same subnet but selectivity restrict inter-vm communication Avoids scaling issues from assigning one VLAN and IP subnet per VM Private VLAN traffic isolation between guest VMs vswitch with Private VLAN capability Common Primary VLAN on uplinks

Providing an Isolated Locked Down Network Virtual switches provide protection by design against typical layer 2 attacks: MAC flooding, 802.1q and ISL tagging attacks, Double-encapsulation attacks, Multicast brute-force attacks, Spanning-tree attacks, Random frame attacks Reason for immunity vswitches don t have to learn MAC address -- they know exactly what endpoints are attached to them vswitches have as many ports as you need -- don t require any mechanism to trunk or bridge them Decision factors for using VLANs Beliefs on isolation: is VLAN technology is mature/secure enough? Operational Security: can you maintain a secure configuration? Cost: Can you afford to not do it?

Providing an Isolated Locked Down Network Options for Client Access Set up VPN access to Management network Create one or more jump boxes inside or outside the Management Network Client applications (VI Client, VI SDK application) run on these Access jump box only via RDP or other remote display protocol Close off all other means of access to jump boxes Choose according to factors such as Amount of trust placed in administrators and their environs Level of inconvenience that s tolerable Cost

Separation of Duties Broad scope Super Admin Networking Admin Server Admin Storage Admin Narrow scope Operator Operator VM Owner VM Owner

VM Templates: True Gold Images Hardware Independence Allows for True Gold Images Maintain a Library of Templates Base Image of Each OS Keep Fully Patched Use an automated offline patch management tool if possible. Regular Malware Scanning on Templates Use a tool that can scan offline images Ensures no latent malware embedded in templates Require the use of templates for ALL deployments Exceptions must be approved for any other deployments Put Controls In Place to Enforce This 20

Host Profiles Allows for a reduction in setup time and allow you to manage configuration consistency and correctness. Reference Host Cluster 21

Containment: constrain guest behavior Prevent resource Denial-of-Service Load balancing of CPU according to sharing policy Storage I/O limited according to sharing policy. Traffic-shaping available for virtual networks

Securing Virtual Machines Provide Same Protection as for Physical Servers Host Anti-Virus Patch Management Network Intrusion Detection/ Prevention (IDS/IPS) Firewalls 23

Conclusion The Internal Cloud Had Great Benefits and Associated Risks Risks Can Be Mitigated With Proper Controls The Classic Principles of Information Security Should be Applied Key Architecture Decisions Must Be Made for Security

Questions? Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information