VMware ESX Server in the Enterprise

Planning and Securing Virtualization Servers

The Most Complete, Practical, Solutions-Focused Guide to Running ESX Server 3

VMware ESX Server in the Enterprise is the definitive, real-world guide to planning, deploying, and managing today’s leading virtual infrastructure platform in mission-critical environments.

Drawing on his extensive experience consulting on large-scale ESX Server implementations, Edward L. Haletky brings together an unprecedented collection of tips, best practices, and field-tested solutions. More than any other author, he illuminates the real issues, tradeoffs, and pitfalls associated with ESX Server–and shows how to make the most of it in your unique environment.

Haletky covers the entire lifecycle: planning, installation, system monitoring, tuning, clustering, security, disaster recovery, and much more. Throughout, he supports his recommendations with examples from real-world deployments. He also provides detailed checklists for handling crucial issues such as caching, networking, storage, and hardware selection. Many of his techniques and practices apply to all current virtualization platforms, not just ESX Server.

This book will be an indispensable resource for every network architect, administrator, and IT professional who works with virtual servers. ESX Server newcomers will find the soup-to-nuts introduction they desperately need; experienced users will find an unparalleled source of field-tested answers and solutions.

In this book, you’ll learn how to:

•    Identify key differences between ESX v3.x.y and ESX v2.5.x and their implications

•    Perform a complete installation–with automated scripting techniques and samples

•    Efficiently audit, monitor, and secure ESX Server

•    Discover SAN storage pitfalls and solutions–with detailed guidance for specific SANs, switches, and fibre-channel adapters

•    Understand ESX Server networking: NIC teaming, vSwitches, network lag, and troubleshooting

•    Configure ESX Server via the Management User Interface, Virtual Center client, and command line interface

•    Install Windows, Linux, and NetWare VMs: prepare media images, place configuration files, handle sizing and swap files, and more

•    Use Dynamic Resource Load Balancing to consistently achieve utilization goals

•    Implement effective backup and disaster recovery procedures

Edward L. Haletky owns AstroArch Consulting, Inc., a consultancy specializing in virtualization, security, and networking. He has been rated by his peers on the VMware Discussion Forums as a “virtuoso” for his work in answering VMware security and configuration questions. Prior to establishing AstroArch, Haletky was a member of Hewlett-Packard’s Virtualization, Linux, and High-Performance Technical Computing teams. He holds a degree in Aeronautical and Astronautical Engineering from Purdue University.

Complete Hands-On Help for Securing VMware vSphere and Virtual Infrastructure by Edward Haletky, Author of the Best Selling Book on VMware, VMware ESX Server in the Enterprise

As VMware has become increasingly ubiquitous in the enterprise, IT professionals have become increasingly concerned about securing it. Now, for the first time, leading VMware expert Edward Haletky brings together comprehensive guidance for identifying and mitigating virtualization-related security threats on all VMware platforms, including the new cloud computing platform, vSphere.

This book reflects the same hands-on approach that made Haletky’s VMware ESX Server in the Enterprise so popular with working professionals. Haletky doesn’t just reveal where you might be vulnerable; he tells you exactly what to do and how to reconfigure your infrastructure to address the problem.

VMware vSphere and Virtual Infrastructure Security begins by reviewing basic server vulnerabilities and explaining how security differs on VMware virtual servers and related products. Next, Haletky drills deep into the key components of a VMware installation, identifying both real and theoretical exploits, and introducing effective countermeasures.

Coverage includes

•    Viewing virtualization from the attacker’s perspective, and understanding the new security problems it can introduce

•    Discovering which security threats the vmkernel does (and doesn’t) address

•    Learning how VMsafe enables third-party security tools to access the vmkernel API

•    Understanding the security implications of VMI, paravirtualization, and VMware Tools

•    Securing virtualized storage: authentication, disk encryption, virtual storage networks, isolation, and more

•    Protecting clustered virtual environments that use VMware High Availability, Dynamic Resource Scheduling, Fault Tolerance, vMotion, and Storage vMotion

•    Securing the deployment and management of virtual machines across the network

•    Mitigating risks associated with backup, performance management, and other day-to-day operations

•    Using multiple security zones and other advanced virtual network techniques

•    Securing Virtual Desktop Infrastructure (VDI)

•    Auditing virtual infrastructure, and conducting forensic investigations after a possible breach

informit.com/ph      www.Astroarch.com