VMworld 2007 has come and gone, but if you missed it, many of the sessions have been made public. Session TA57, titled Security Architecture Design and Hardening VMware Infrastructure 3 is viewable online complete with screencast, audio (mp3) and pdf document.
Based on a light-weight, kernel optimized for virtualization, VMware Infrastructure 3 architecture incorporates a number of features by design that address security issues in the corporate enterprise environment. This presentation will discuss various architecture designs preventing Buffer Overflows, ARP Spoofing, Distributed Denial of Service (DDoS), SNMP corruption and cascading issues.
As with everything networked, VMware Infrastructure 3 is not impervious to attack, and you should take proper measures to harden and mitigate risk and exposure. This presentation provides recommendations, specific steps, and practical vulnerability assessments and hacking examples to ensure that your VMware Infrastructure 3 environment is being properly secured and monitored.
This session will answer many persistent questions that ALWAYS present themselves when we enter into enterprise security discussions.