VMware vCloud Security

## In Detail

Security is a major concern, in particular now that everything is moving to the cloud. A private cloud is a cloud computing platform built on your own hardware and software. The alternative is to deploy the services you need on a public cloud infrastructure provided by an external supplier such as Amazon Web Services, Rackspace Cloud, or HP Public Cloud. While a public cloud can afford greater flexibility, a private cloud gives you the advantage of greater control over the entire stack.

"VMware vCloud Security" focuses on some critical security risks, such as the application level firewall and firewall zone, virus and malware attacks on cloud virtual machines, and data security compliance on any VMware vCloud-based private cloud. Security administrators sometimes deploy its components incorrectly, or sometimes cannot see the broader picture and where the vCloud security products fit in. This book is focused on solving those problems using VMware vCloud and the vCloud Networking and Security product suite, which includes vShield App, vShield Endpoint, and vShield Data Security.

Ensuring the security and compliance of any applications, especially those that are business critical, is a crucial step in your journey to the cloud. You will be introduced to security roles in VMware vCloud Director, integration of LDAP Servers with vCloud, and security hardening of vCloud Director. We’ll then walk through a hypervisor-based firewall that protects applications in the virtual datacenter from network-based attacks. We’ll create access control policies based on logical constructs such as VMware vCenter Server containers and VMware vShield security groups but not just physical constructs, such as IP addresses. You’ll learn about the architecture of EPSEC and how to implement it. Finally, we will understand how to define data security policies, run scans, and analyze results.

## Approach

VMware vCloud Security provides the reader with in depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security.

## Who this book is for

This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

### Über den Autor und weitere Mitwirkende

Prasenjit Sarkar is a senior member of technical staff in VMware Service Provider Cloud RD where he provides architectural oversight and technical guidance to design, implement, and test VMware's Cloud datacenters. He is an author, RD guy, and a blogger focusing on virtualization, cloud computing, storage, networking, and other enterprise technologies.He has more than 10 years of expert knowledge in RD, professional services, alliances, solution engineering, consulting, and technical sales with expertise in architecting and deploying virtualization solutions and rolling out new technology and solution initiatives. His primary focus is on VMware vSphere Infrastructure and the public cloud using the VMware vCloud Suite.One of his other focuses is to own the entire life cycle of a VMware-based IaaS (SDDC), in particular, vSphere, vCloud Director, vShield Manager, and vCenter Operations. He is one of the VMware vExperts in 2012 and 2013 and is well known for his acclaimed virtualization blog, http://stretch-cloud.info. Prasenjit holds certifications from VMware, Cisco, Citrix, RedHat, Microsoft, IBM, HP, and Exin. Prior to joining VMware, Prasenjit has served other fine organizations (such as Capgemini, HP, and GE) as Solution Architect and Infrastructure Architect.You can follow him on Twitter at @stretchcloud.