2009 Cms Conference VMware overview

406 views

Published on

Presentation I gave in August 2009 at the CMS Best Paractices Conference in Denver, Co

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
406
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

2009 Cms Conference VMware overview

  1. 1. VMware Overview and Security 11/12/2009 1
  2. 2. Today’s Discussion Today’s Early Successes in Virtualization Current Virtualization Environment Overview of Virtual Environment Security 11/12/2009 2
  3. 3. Early Successes With Virtual Implementations VDI VDI – WAH VDI SHACK External Sun Ray Internal • Security • Security • Performance • Security • Speed to market • Cost Savings • DR • Performance • Scalability • Improved • Scalability • Speed to market Support structure 11/12/2009 3
  4. 4. Virtual Infrastructure Software Hardware Technologies Utilized Technologies Utilized Vmware Virtual Infrastructure EMC Clarion SAN Vmware ESX 3.5 Dell PowerEdge R900 Servers Virtual Center Server 2.5 Sun Ray DTUs Quest Provision VAS Desktop PCs Sun Ray DVI 11/12/2009 4
  5. 5. ESX 3.5 Host Hardware & Connectivity Service Console Service Console Network 4 Port NIC vMotion Network vMotion VM 2 Port NIC Producton VM Production Network Dell PowerEdge R900 2 Port NIC ESX 3.5 Storage 4 X 8 Core Processor 128 GB Memory SAN Fibre Switch 2 Port HBA 11/12/2009 5
  6. 6. Datacenter Cluster DRS HA Current DEV Cluster VMware DEV HOST 1 ESX 3.5 Virtual Center DEV HOST 2 VMware ESX 3.5 Structure DEV HOST 3 VMware ESX 3.5 VMware DEV HOST 4 ESX 3.5 Datacenter DRS HA Cluster VDI Cluster VMware VDI HOST 1 ESX 3.5 VMware VDI HOST 2 ESX 3.5 VMware VDI HOST 3 ESX 3.5 VMware VDI HOST 4 ESX 3.5 DRS HA Cluster PROD Cluster VMware PROD HOST 3 ESX 3.5 VMware PROD HOST 4 ESX 3.5 VMware PROD HOST 1 ESX 3.5 VMware PROD HOST 5 ESX 3.5 VMware PROD HOST 2 ESX 3.5 PROD HOST 6 VMware ESX 3.5 DRS HA Cluster SHACK Cluster VMware SHACK HOST 1 ESX 3.5 VMware SHACK HOST 2 ESX 3.5 11/12/2009 6
  7. 7. Virtualization Security Overview Virtual Machine Security ESX Host & Service Console Security Virtual Network Security 11/12/2009 7
  8. 8. Virtual Machine Specific Security The physical applies in the virtual Remove unneeded virtual devices Use templates to deploy virtual machines Use native RDP rather than the virtual center console Storage permissions Persistent vs. non-persistent Enforce physical machine & remote console isolation 11/12/2009 8
  9. 9. ESX & Console Security Base security steps: Restrict root privileges Use strong passwords Firewall restriction Limit services running in the service console Patch the ESX in accordance with your security policy Use of Virtual center to manage Configure SAN Storage correctly 11/12/2009 9
  10. 10. Virtual Network Security Segregate network communications Ensure proper vSwitch settings Aim for consistency and compatible settings from physical network devices to virtual. 11/12/2009 10

×