VMware vSphere: Security [V8] - On Demand

This course, equivalent to 2 days of training, is designed to provide IT professionals with the knowledge and skills necessary to secure their vSphere environment. Through a mix of lecture and hands-on labs, you will learn how to secure your virtual infrastructure, while learning the architecture of vSphere security and the role of vSphere components in securing your environment.

Audience

System administrators and engineers

Prerequisites

This course has the following prerequisites:

• Equivalent knowledge and administration experience with ESXi and vCenter
• Experience with working at the command line is highly recommended.

Objectives

By the end of the course, you should be able to meet the following objectives:

• Identify recommendations for vCenter and ESXi security
• Explain the importance of the vSphere Security Configuration Guide
• Configure Lockdown Mode and ESXi firewall
• Identify the role of vTPM and VBS for securing VMs
• Recognize the rules for applying permissions on vCenter
• Identify the services used for vCenter Single Sign-On
• Implement Two-Factor Authentication on vCenter
• Describe the architecture of identity federation
• Use VMware Certificate Authority and VMware Endpoint Certificate Store to configure vSphere security certificate management
• Use the vSphere Client and CLI utilities to Manage and Troubleshoot vCenter Certificates
• Describe the components of a VM encryption architecture
• Recognize the role of the Key Management Server in vCenter
• Describe vSphere Trust Authority
• Configure vSphere Trust Authority

Product Alignment

• VMware ESXi 8.0
• VMware vCenter 8.0

Course Outline

1 Course Introduction

• Introductions and course logistics
• Course objective

2 General Security Awareness

• Identify the security recommendations for vCenter
• Recognize strategies for securing the vSphere management network
• Identify the security recommendations for ESXi hosts
• Explain the importance of the vSphere Security Configuration Guide
• Explain the importance of VMware Security Advisories

3 Securing ESXi

• Explain how to navigate the Direct Console User Interface to configure an ESXi host
• Demonstrate how to configure the ESXi host settings
• Describe how UEFI Secure Boot functions in ESXi hosts
• Demonstrate how to configure the ESXi firewall
• Explain how to configure directory services to authenticate user logins

4 Securing VMs

• Identify the role of vTPM and VBS for securing VMs
• Describe the process of activating encrypted vSphere vMotion

5 vSphere Authentication

• Recognize the identity sources on your vCenter
• Define the term permission in the context of vCenter
• Identify the services used for vCenter Single Sign-On
• Identify methods for two-factor authentication on vCenter
• Configure identity federation

6 vSphere Certificate Authority

• Describe how to replace vCenter certificates in vSphere Certificate Manager
• Explain how the vSphere Client manages ESXi certificates
• Identify common certificate-related issues in vCenter
• Troubleshoot certificate-related issues in vCenter

7 VM Encryption

• Describe the components of a VM encryption architecture
• Explain the process of managing encrypted VMs
• List VM encryption events and alarms

8 Key Provides and the vSphere Trust Authority

• Recognize the role of the Key Provider in vCenter
• Describe vSphere Trust Authority
• List the use cases of vSphere Trust Authority
• Configure vSphere Trust Authority