Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
VMware vSphere Security Cookbook

You're reading from   VMware vSphere Security Cookbook Over 75 practical recipes to help you successfully secure your vSphere environment

Arrow left icon
Product type Paperback
Published in Nov 2014
Publisher
ISBN-13 9781782170341
Length 334 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Michael Greer Michael Greer
Author Profile Icon Michael Greer
Michael Greer
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Threat and Vulnerability Overview 2. ESXi Host Security FREE CHAPTER 3. Configuring Virtual Machine Security 4. Configuring User Management 5. Configuring Network Security 6. Configuring Storage Security 7. Configuring vShield Manager 8. Configuring vShield App 9. Configuring vShield Edge 10. Configuring vShield Endpoint 11. Configuring vShield Data Security 12. Configuring vSphere Certificates 13. Configuring vShield VXLAN Virtual Wires Index

Physical threats

The topic of physical security might seem out of place in a book on virtual security; however, it plays a key role. As referenced in the defense-in-depth model, the most thorough design and implementation can be breached if physical security fails. For example, if one can physically access a console logged in with administrative credentials, security controls are effectively neutralized.

Physical threats by nature are threats that require physical access to the hardware in order to exploit the systems. In the case of virtualization hardware, the threat vector is somewhat lessened if you assume that the hardware will reside in some form of secure datacenter structure, be it a secure facility or room. In addition, carrying out administrative tasks on management desktops situated in secure locations without access to any public networks will also reduce risk.

Even with equipment residing in a secure facility, there are a number of threats that remain, including nonmalicious factors such as extreme weather and power outages. Other threat vectors include security and authentication mechanisms to the facility and within the facility to the server location. Typically, in a highly secure facility, a cage within the datacenter is used to secure the server hardware. Entry into the cage is limited to certain personnel and controlled by biometric or card reader devices.

Another potential threat is the personnel that staff the facility. A dishonest employee, even one who has been fully vetted and background-checked can gain access to sensitive equipment and potentially the data residing on that equipment. Alternatively, a dishonest employee can grant access to an outsider who is intending to attack a particular company's server or virtualization environment contained in the facility.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image