Security Operations for the Software Defined Data Center - SOSDDC$0 $0
Security Operations for the Software Defined Data Center - SOSDDC
• Completion of one of the following: • VMware vSphere: Install, Configure, Manage [V5.5 or V6]; • VMware vSphere: Fast Track; • Equivalent knowledge; • Experience working at the command prompt and with scripting tools like Windows PowerShell is highly Recommended; • An understanding of corporate/enterprise network implementations
4. vSphere Hardening: ESXi host hardening; Implementing lockdown mode on ESXi hosts; Configuring ESXi host-based firewall settings; vCenter Server hardening; Tools to reduce infrastructure vulnerabilities; Implementing hardening best practices based on the vSphere Hardening Guide.
5. Data Protection: Data encryption technology; Data-at-rest encryption options; Datastore security options; Configuring vSphere security certificate management using VMware Certificate Authority and VMware Endpoint Certificate Services; Using the Certificate Automation Tool to manage vSphere certificates; Establishing and using an IPsec VPN; Using the VMware Endpoint Certificate Store.6. Network Security: Managing network data in a VMware SDDC; Security policies and settings of vSphere switches; Configuring vSphere advanced security features for distributed switches; using the VMware NSX distributed firewall and distributed router to implement micro-segmentation; Protecting and managing north-south traffic with VMware NSX Edge™ services gateway and physical firewalls; Managing access to the vSphere management network; Using VMware NSX virtual switch features to implement network security; Designing clusters and racks to minimize vulnerabilities; Limiting access to vSphere management networks; Hardening network infrastructure components.7. Virtual Machine and Application Protection: Securing virtual machine guest operating systems; Using VMware NSX with Service Composer for Endpoint Protection; Using distributed firewalls and micro-segmentation to isolate and protect virtual machines; Using VMware NSX identity-based firewalls to control network traffic based on AD user IDs; Additional VMware NSX functionality using integration with third-party solutions.
8. Data Center Security Compliance: Using VMware vRealize™ Log Insight™ to identify and analyze security-related log entries; Implementing a distributed logging environment; VMware vRealize™ Configuration Manager™ compliance checkers; VMware Realize™ Operations Manager™ compliance monitoring; vRealize Configuration Manager and vRealize Operations Manager integration; Performing network flow monitoring to analyze network traffic.9. Automating Data Center Security: Using VMware functions and tools to enforce consistent organizational security policies during infrastructure deployment; Automating responses to security events; Implementing security automation with security groups, security policies, and security tags; Automatically applying security settings to newly provisioned virtual machines based on VMware NSX security policies.
2. Security Concepts: Key IT security principles for the SDDC; Differences between securing traditional infrastructures and virtual infrastructures; Identity and access management concepts for SDDC; Methods to secure your virtual infrastructure components; Guest operating system access security; Hardening concepts and how they apply to virtual infrastructure components.