Security Operations for the Software-Defined Data Center

Session Detail:    Classroom 5 Day

Virtualization presents new opportunities for securing your data and systems. Virtualizing your data center often brings new challenges, requiring your IT staff to assume new, and sometimes unfamiliar, roles and responsibilities.

In the VMware Security Operations for the Software-Defined Data course, we teach you how to use the VMware Software-Defined Data Center product portfolio and tools to better manage administrator access, harden your VMware vSphere® environment, and secure data at rest and in motion. We also discuss compliance and automation to help you ensure that your deployments align with your security policies.
Overview:

Virtualization presents new opportunities for securing your data and systems. Virtualizing your data center often brings new challenges, requiring your IT staff to assume new, and sometimes unfamiliar, roles and responsibilities.

In the VMware Security Operations for the Software-Defined Data course, we teach you how to use the VMware Software-Defined Data Center product portfolio and tools to better manage administrator access, harden your VMware vSphere® environment, and secure data at rest and in motion. We also discuss compliance and automation to help you ensure that your deployments align with your security policies.

Prerequisites

Completion of one of the following:

  • VMware vSphere: Install, Configure, Manage [V5.5 or V6]
  • VMware vSphere: Fast Track
  • Equivalent knowledge
  • Experience working at the command prompt and with scripting tools like Windows PowerShell is highly recommended.
  • An understanding of corporate or enterprise network implementations.

Who Can Benefit

  • Experienced system administrators
  • Cloud administrators
  • System integrators
  • Operational developers

Session Outline

Class Outline

Module 1: Course Introduction

  • Lesson 1: Introductions and course logistics
  • Lesson 2: Course outline
  • Lesson 3: Course objectives

Module 2: Security Concepts

  • Lesson 1: Key IT security principles for the SDDC
  • Lesson 2: Differences between securing traditional infrastructures and virtual infrastructures
  • Lesson 3: Identity and access management concepts for the SDDC
  • Lesson 4: Methods to secure your virtual infrastructure components
  • Lesson 5: Guest operating system access security
  • Lesson 6: Hardening concepts and how they apply to virtual infrastructure components

Module 3: vSphere Security Identity and Access Management

  • Lesson 1: Role-based access control concepts
  • Lesson 2: Configuring role-based access control for VMware ESXi™ and vCenter Server
  • Lesson 3: Configuring vSphere single sign-on for administrative access
  • Lesson 4: Password hardening options
  • Lesson 5: Configuring ESXi local user management and integration with Active Directory (AD)
  • Lesson 6: ESXi security profiles and access to services

Module 4: vSphere Hardening

  • Lesson 1: ESXi host hardening
  • Lesson 2: Implementing lockdown mode on ESXi hosts
  • Lesson 3: Configuring ESXi host-based firewall settings
  • Lesson 4:vCenter Server hardening
  • Lesson 5: Tools to reduce infrastructure vulnerabilities
  • Lesson 6: Implementing hardening best practices based on the vSphere Hardening Guide

Module 5: Data Protection

  • Lesson 1: Data encryption technology
  • Lesson 2: Data-at-rest encryption options
  • Lesson 3: Datastore security options
  • Lesson 4: Configuring vSphere security certificate management using VMware Certificate Authority and VMware Endpoint Certificate Services
  • Lesson 5: Using the Certificate Automation Tool to manage vSphere certificates
  • Lesson 6: Establishing and using an IPsec VPN
  • Lesson 7: Using the VMware Endpoint Certificate Store

Module 6: Network Security

  • Lesson 1: Managing network data in an SDDC
  • Lesson 2: Security policies and settings of vSphere switches
  • Lesson 3: Configuring vSphere advanced security features for distributed switches
  • Lesson 4: Using the VMware NSX distributed firewall and distributed router to implement microsegmentation
  • Lesson 5: Protecting and managing north-south traffic with VMware NSX® Edge™ services gateway and physical firewalls
  • Lesson 6: Managing access to the vSphere management network
  • Lesson 7: Using VMware NSX® Virtual Switch™ features to implement network security
  • Lesson 8: Designing clusters and racks to minimize vulnerabilities
  • Lesson 9: Limiting access to vSphere management networks
  • Lesson 10: Hardening network infrastructure components

Module 7: Virtual Machine and Application Protection

  • Lesson 1: Securing virtual machine guest operating systems
  • Lesson 2: Using VMware NSX with Service Composer for Endpoint Protection
  • Lesson 3: Using distributed firewalls and microsegmentation to isolate and protect virtual machines
  • Lesson 4: Using VMware NSX identity-based firewalls to control network traffic based on AD user IDs
  • Lesson 5: Additional VMware NSX functionality using integration with third-party solutions

Module 8: Data Center Security Compliance

  • Lesson 1: Using VMware vRealize® Log Insight™ to identify and analyze security-related log entries
  • Lesson 2: Implementing a distributed logging environment
  • Lesson 3: VMware vRealize® Configuration Manager™ compliance checkers
  • Lesson 4: VMware Realize® Operations Manager™ compliance monitoring
  • Lesson 5: vRealize Configuration Manager and vRealize Operations Manager integration
  • Lesson 6: Performing network flow monitoring to analyze network traffic

Module 9: Automating Data Center Security

  • Lesson 1: Using VMware functions and tools to enforce consistent organizational security policies during infrastructure deployment
  • Lesson 2: Automating responses to security events
  • Lesson 3: Implementing security automation with security groups, security policies, and security tags
  • Lesson 4: Automatically applying security settings to newly provisioned virtual machines based on VMware NSX security policies

Need to train your team?

All of our sessions can be customized to meet your team’s specific need. Build the perfect program by picking and choosing topics from any of the courses in our catalog. A personalized private session gives you the ultimate flexibility and helps maximize your team’s valuable time!

Requesting Team Training
DateTimeTypePriceAdd To Cart

Security Operations for the Software-Defined Data Center

5 Day
Classroom

$4,250.00

Chat with a Coach

Chat with a Coach

Have a more immediate need? Why spend the next hour searching online for answers when you can spend just 15 minutes with one of our experts and get accurate and personalized answers to all of your questions. 

$9.99 | 15 Minutes

Book Now