November 02, 2009

Security Book Review: VMware vSphere and Virtual Infrastructure Security - Securing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Virtual Environment

"VMware vSphere and Virtual Infrastructure Security: Securing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Virtual Environment"
Author: Edward L. Haletky
Editorial: Prentice Hall PTR
Publication date: July 2, 2009
ISBN-10: 0137158009
ISBN-13: 978-0137158003



Summary: The reference for securing virtual environments, in particular, VMware-based.

Score: 5/5

Review:
I
n cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first half of this year (2009), I was involved on extending my previous research on virtualization security, and specifically, I focused on securing and hardening VMware ESX environments. This stirred up my interest on this book. To sum up what this book is all about: "I would have loved to have this book handy back by that time, as it would have saved me tons of time" Instead, I had to read and compare multiple VMware security guides from VMware, CIS, NIST, etc, and perform an extensive hands-on research on my own.

The book offers a very solid and broad analysis of multiple security issues on virtual environments, covering not only cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 technical aspects associated to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 virtualization hosts, virtual machines, and virtual data and storage networks, but also management and operational issues, availability concerns, and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r common related tasks on newly deployed, or already established, virtualization setups.

The first two chapters focus on security threats and attacks, a basic foundation required for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 cross-references available throughout cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book, that can be skipped by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 on-cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365-field security readers.

The next three chapters focus on offering best practices and security recommendations for different key components of any virtualization platform, such as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hypervisor, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 storage network, and virtual clusters. The next couple of chapters cover most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security aspects that must be considered on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 design, deployment and operation of a virtual environment.

Although all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se chapters provide a very good quality security advice, it is not complemented with hands-on examples. I think this could be improved by adding more detailed sections describing step-by-step how to complete cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security recommendations exposed, not just what need to be done. However, I understand it is required to cut cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 size of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book at some point. A good example of how to extend this idea can be observed on chapter 6, where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 integration between VMWare ESX and a directory service is covered in depth.

However, both cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 technical and operational aspects are integrated smoothly, offering a great in-depth overview. Apart from that, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 whole recommended list of things to consider in order to get a more secure virtualization infrastructure is summarized in a useful set of boxes called "Security Notes" and spread all throughout cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book. These boxes can be easily used as a checklist when deploying or assessing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security of virtual solutions.

My favourite chapters are chapter 8, and specially 9, where virtual machine and virtual networking security is analyzed, respectively. Chapter 9 offers a whole set of networking scenarios and discusses pros and cons to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 number of (physical and virtual) network cards and its configuration. A
very practical and thorough work!

The book ends up with three special chapters. Chapter 10 covers cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new VMware virtual desktop infrastructure (VDI) and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security issues around it. Due to all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 client-based attacks nowadays, most probably it is going to be a de-facto standard pretty soon, so getting involved on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 virtualization of client systems is a must. Chapter 11 provides a detailed guide to harden VMware ESX and ESXi hosts, a mandatory initial process for every new virtual deployment. Finally, chapter 12 provides a quick and interesting introduction to digital forensics (and data recovery) on virtual enviroments, mainly focused on how to deal with virtual file systems, such as VMFS, VMDKs, and raw disks. A quick recommended read for forensic analysts interested on expanding cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir skills to virtual victims.

There are a few things I feel will improve cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book contents. Unfortunately, due to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 publication deadline, its coverage of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 latest VMware vSphere virtual architecture is pretty limited, as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author clarifies. Besides that, considering cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 frequent security updates and patches released by virtualization vendors, I would have liked to find a better coverage of best practices to update cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 virtual infrastructure itself. Finally, as mentioned previously, about half of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book includes detailed how-to sections describing how to apply cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 recommended settings, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r half misses that how-to portion. I understand this may be a limitation to make cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book size manageable (it's over 500 pages now).

This book is highly recommended for IT and security architects, involved in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 design of new virtual solutions, as well as virtualization administrators and anyone in charge of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 maintenance of a virtual infrastructure. From a security perspective, people evaluating, assessing, and suggesting improvements for virtual solutions should read cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book in order to have a full overview of all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security threats and possible countermeasures. Overall, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book is a must read for anyone already involved, or planning to get involved, in virtualization. It really helps to acquire a very broad and extensive knowledge of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security considerations that apply to such a complex and modern IT architectures.

UPDATE: Slashdot review, Amazon review.

Labels: ,

0 Comments:

Post a Comment

<< Home