Securing virtual environments for VMware, Citrix, and Microsoft hypervisors
Virtualization changes the playing field when it comes to security. There are new attack vectors, new operational patterns and complexity, and changes in IT architecture and deployment life cycles. What's more, the technologies, best practices, and strategies used for securing physical environments do not provide sufficient protection for virtual environments. This book includes step-by-step configurations for the security controls that come with the three leading hypervisors: VMware vSphere and ESXi, Microsoft Hyper-V on Windows Server 2008, and Citrix XenServer.
* Includes strategy for securely implementing network policies and integrating virtual networks into the existing physical infrastructure
* Discusses vSphere and Hyper-V native virtual switches as well as the Cisco Nexus 1000v and Open vSwitch switches
* Offers effective practices for securing virtual machines without creating additional operational overhead for administrators
* Contains methods for integrating virtualization into existing workflows and creating new policies and processes for change and configuration management so that virtualization can help make these critical operations processes more effective
This must-have resource offers tips and tricks for improving disaster recovery and business continuity, security-specific scripts, and examples of how Virtual Desktop Infrastructure benefits security.
Page count: 525
Year of publication: 2012
Table of Contents
Title Page
Copyright
Publisher's Note
Dedication
Acknowledgments
About the Author
Introduction
Chapter 1: Fundamentals of Virtualization Security
Virtualization Architecture
Threats to a Virtualized Environment
How Security Must Adapt to Virtualization
Chapter 2: Securing Hypervisors
Hypervisor Configuration and Security
Configuring VMware ESXi
Configuring Microsoft Hyper-V on Windows Server 2008
Configuring Citrix XenServer
Chapter 3: Designing Virtual Networks for Security
Comparing Virtual and Physical Networks
Virtual Network Security Considerations
Configuring Virtual Switches for Security
Integrating with Physical Networking
Chapter 4: Advanced Virtual Network Operations
Network Operational Challenges
Network Operations in VMware vSphere
Network Operations in Microsoft Hyper-V
Network Operations in Citrix XenServer
Chapter 5: Virtualization Management and Client Security
General Security Recommendations for Management Platforms
Network Architecture for Virtualization Management Servers
VMware vCenter
Microsoft System Center Virtual Machine Manager
Citrix XenCenter
Chapter 6: Securing the Virtual Machine
Virtual Machine Threats and Vulnerabilities
Virtual Machine Security Research
Locking Down VMware VMs
Locking Down Microsoft VMs
Locking Down XenServer VMs
Chapter 7: Logging and Auditing
Why Logging and Auditing Is Critical
Virtualization Logs and Auditing Options
Integrating with Existing Logging Platforms
Effective Log Management
Chapter 8: Change and Configuration Management
Change and Configuration Management Overview
How Virtualization Impacts Change and Configuration Management
Best Practices for Virtualization Configuration Management
Cloning and Templates for Improved Configuration Management
Integrating Virtualization into Change and Management
Additional Solutions and Tools
Chapter 9: Disaster Recovery and Business Continuity
Disaster Recovery and Business Continuity Today
Shared Storage and Replication
Virtualization Redundancy and Fault Tolerance for DR/BCP
High Availability and Fault Tolerance
Chapter 10: Scripting Tips and Tricks for Automation
Why Scripting Is Essential for Admins
VMware Scripting: Power CLI and vCLI
Microsoft Scripting for Hyper-V: PowerShell
Citrix Scripting: Shell Scripts
Chapter 11: Additional Security Considerations for Virtual Infrastructure
VDI Overview
Leveraging VDI for Security
Index
Acquisitions Editor: Mariann Barsolo
Development Editor: Stef Jones
Technical Editor: Steve Pate
Production Editor: Rebecca Anderson
Copy Editor: Judy Flynn
Editorial Manager: Pete Gaughan
Production Manager: Tim Tate
Vice President and Executive Group Publisher: Richard Swadley
Vice President and Publisher: Neil Edde
Book Designer: Maureen Forys, Happenstance Type-O-Rama; Judy Fung
Proofreader: James Saturnio, Word One New York
Indexer: Robert Swanson
Project Coordinator, Cover: Katherine Crocker
Cover Designer: Ryan Sneed
Cover Image: © alengo / iStockPhoto
Copyright © 2013 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-118-28812-2
ISBN: 978-1-118-33375-4 (ebk.)
ISBN: 978-1-118-33151-4 (ebk.)
ISBN: 978-1-118-33487-4 (ebk.)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2012917323
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
Dear Reader,
Thank you for choosing Virtualization Security: Protecting Virtualized Environments. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.
Sybex was founded in 1976. More than 30 years later, we're still committed to producing consistently exceptional books. With each of our titles, we're working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.
I hope you see all that reflected in these pages. I'd be very interested to hear your comments and get your feedback on how we're doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected]. If you think you've found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.
Acknowledgments
There are lots of folks I'd like to thank, for many more things than just this book. For lots of technical professionals, or probably anyone publishing their first real book, there's this temptation to list everyone who got you to where you are. For me, that would be a pretty long list, so I'll list only a few folks along the way who made a pretty big difference in my life and career until now.
First, I have a few teachers that really steered me in my youth — Rose Bridgeman, who thought I just might be a good public speaker; Carol Lofgren (when I knew her), who somehow made learning Latin the coolest thing in school; and Janet Weeks, who fostered in me a deep passion for both learning and reading amazing literature and actually got me through a rough patch when I needed a friend.
I'd like to thank Paul Janus, who had some faith in me a long time ago and helped me transition from a nontechnical career to a technical one. He probably hasn't thought about me in a long time, but he made a big difference early on. Thanks to Herb Mattord, who hired me and gave me that first major exposure to corporate infosec. Thanks to my friend John Lampe, who was the first serious hacker I got to know and respect and taught me that there's always more than one way to do things. Thanks to my friend Lara Dawson, who got me started down the road with SysAdmin, Audit, Networking, and Security (SANS) a long time ago, and to Stephen Northcutt, who mentored me a lot in the early days and connected me with one of my more interesting gigs. Thanks also to all my fellow SANS instructors and the whole team over there — all of you are really extended family to me.
My friend Chris Farrow had a lot to do with my career at a vital point — in fact, I took over his old job, and what a wild ride that turned out to be. Chris, if you're reading this, you've turned out to be a great friend over all these years, and I'm thankful for all you've done for me. Thanks to all my friends and colleagues at IANS, especially Phil Gardner, who is a great guy to work for and with. I'd be remiss not to thank all of my awesome clients at Voodoo Security too — you'll always get my best efforts, every single time. One other shout-out must go to Robert Kiyosaki, whose book Rich Dad, Poor Dad convinced me to start buying real estate a long time ago, and that's worked out brilliantly.
Huge thanks to the team at Sybex — Pete Gaughan, Mariann Barsolo, Rebecca Anderson, Connor O'Brien, and Stef Jones, who did an amazing job editing my scribbles. My technical editor, Steve Pate, gets my everlasting gratitude as well — you're a great friend and colleague, and this book is better for your efforts.
My final thanks, of course, goes to my family. My wife, Karrie, and daughter, Mia, suffered through my last year of insanity like troopers and make everything I do worth it. I couldn't do any of this without you guys, and I love you both with all my heart.
About the Author
Dave Shackleford is the owner and principal consultant at Voodoo Security, senior vice president of research and CTO at IANS, and a SANS senior instructor and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. He is a VMware vExpert and has extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft; as CTO for the Center for Internet Security; and as a security architect, analyst, and manager for several Fortune 500 companies. Dave coauthored the first published course on virtualization security for the SANS Institute and currently serves on the board of directors at the SANS Technology Institute. In his spare time, he helps lead the Atlanta chapter of the Cloud Security Alliance. He is an avid fitness nut, loves anything to do with the water, and enjoys traveling the world.
Introduction
So, what exactly is virtualization security anyway? There are a lot of varied definitions that could fit here, but the simplest is this: the systematic lockdown and application of security-related technical and procedural controls for all components of a virtualization infrastructure. Why do we need virtualization security, or virtsec for short? Well, the world is quickly changing, my friends. The look and feel of today's modern datacenter is rapidly morphing from what it once was, and many organizations' network boundaries are blurrier than ever. We're starting to leverage both internal and external clouds, which tend to make heavy use of virtualization technology. We have entire networks “in a box.” All the components are abstracted from their physical counterparts — network devices, storage, application components, entire servers, and desktops. Finally, and maybe most important, we have lots more layers in our computing stacks than ever before, and more layers equals worse security, a lesson learned over many years in IT.
For all these reasons and more, we need a solid grasp on how to lock this technology down appropriately. As with any security efforts, the amount and severity of what you do and how you do it will, and should, vary depending on your business and risk tolerance. Some of the security we need to consider is more focused on policy and process than technology. For example, change control and configuration management are two disciplines that really need some attention as part of a sound virtualization security strategy, but they don't really deal with hands-on technical topics as much as some others. On the flip side, there are lots of knobs to turn and buttons to push in the realm of virtualization, and knowing what they are and when to twist or push them is a critical skill that more operations and security teams need today. When you're building your infrastructure on a technology, you'd better know how to secure it properly.
My sincere hope is that this book proves to be a practical and useful source of guidance for you, and I welcome any feedback or improvements I can make.
I'd like to think that this book has a little something for everyone, but “everyone” is a pretty broad group, so I'll narrow it a bit. In particular, this book was written for IT operations teams that manage any aspect of the virtual environment (including virtual networks and storage). This book is very short on theory and “blah blah blah” and much more to the point so you can quickly apply concepts and get your jobs done. IT administrators, network engineers, technical architects, and many other operations-focused roles will likely find this book to have value.
I also wrote this book for information security teams. While they may not be performing much of the hands-on configuration of the virtualization environment, they'll likely be involved in auditing and setting policy, and the more technical know-how they have the better.
Finally, there's a good bit of material here that should be of interest to technical managers and auditors too. While not all of the material will be of interest, more than likely there's enough background material to get managers up to speed and technical controls and commands that auditors can leverage for assessing the state of the environment.
In this book, readers will learn about best practices and specific technical controls for securing virtual infrastructure. I'll cover the gamut of components ranging from virtual networks to hypervisor platforms and virtual machines. One of the book's focal points is coverage of the three major hypervisor platform vendors, namely VMware, Microsoft, and Citrix. While there are plenty of other virtualization technologies (like KVM, for example), these three tend to be the most popular, and I touch on most aspects of how they're configured and managed. You'll learn some basics for scripting and setting up disaster recovery tools and technologies, a variety of configuration options, some auditing and assessment techniques, and in most cases, how to secure the technology from both a GUI and command-line perspective.
Here's a glance at what is in each chapter.
To get the most out of this book, you should have a virtualization infrastructure based on VMware vSphere, Microsoft Hyper-V, or Citrix XenServer.
Certain features and capabilities discussed within most chapters of the book may be reliant on a certain license version from the vendors discussed. You should check which features you have with your current licensing before attempting to configure your infrastructure! Links to licensing information for VMware, Microsoft, and Citrix are listed here.
VMware vSphere licensing:
www.vmware.com/products/datacenter-virtualization/vsphere/compare-editions.html
Microsoft Hyper-V licensing:
www.microsoft.com/en-us/server-cloud/buy/pricing-licensing.aspx
Citrix XenServer licensing:
www.citrix.com/English/ps2/products/subfeature.asp?contentID=2313292
This book has been organized so that it does not have to be read in order from front to back. Each chapter contains specific information that can be put to good use right away.
I welcome feedback and ways to improve the book for everyone. Please contact me at [email protected] with any feedback.
Sybex strives to keep you supplied with the latest tools and information you need for your work. Please check www.sybex.com/go/virtualizationsecurity, where we'll post additional content and updates that supplement this book should the need arise.
Chapter 1
Fundamentals of Virtualization Security
Virtualization technology has been around for many years, in a variety of formats. Ranging from logical partitioning on mainframes to the highly diversified technologies of today like desktop, server, and application virtualization, the concept of virtualization is firmly embedded in today's datacenters and here to stay. However, with the rapid advances in virtualization technology comes a dark side, namely in the form of security risks. In this chapter, we'll examine the underpinnings of today's virtual technology; I'll explain what it means and how the various moving parts work together.
Then, we'll explore a variety of threats to your virtual environments, some of which are much more pressing, and some that are more theoretical but nonetheless warrant mention. Finally, we'll delve into the changing landscape of security in light of virtual infrastructure and how it's changing the way we do things.
This chapter is really intended to lay the groundwork for the rest of the book and is the most theoretical material you'll encounter. It's important to understand the theory and concepts associated with virtualization security in order to grasp why we're concerned about it in the first place. If you're a security professional, many of these concepts will be somewhat familiar to you. If you're an administrator or engineer, you'll likely be familiar with some of this, but my guess is you're more focused on just getting things done. After this chapter, the book's emphasis decidedly shifts toward “getting things done” versus “security theory.”
In this chapter, you will learn about the following topics:
Virtualization architecture
Threats to a virtualized environment
Challenges for securing virtualized environments
Challenges of vulnerability testing in virtualized environments
At its heart, all virtualization represents the abstraction of computing resources from the physical hardware layer. In the realm of server virtualization, the host is the underlying server virtualization platform that will be used to provide virtual hardware layers to the virtual servers. The virtual guest (usually referred to as a virtual machine, or VM) comprises a set of files that represent the virtual server or system itself. Each of these files serves a specific purpose in interacting with the host software and the underlying hardware that the host is installed on. The virtual machines can be located directly on the host's local storage device or on a network storage device (or devices).