|
|
ISACA Harrisburg Event Anncouncements
 |
| |
September Program, Please Join Us for this Event |
| |
Audit and Security of Virtual Machines |
| Date: |
September 21, 2010 |
| Presenter: |
John Tannahill, CA, CISM, CGEIT |
| CPEs: |
8 |
| Location: |
Homewood Suites Harrisburg East 3990 TecPort Drive Harrisburg, PA 17111
|
| Member Cost: |
$250* |
| Non-Member Cost: |
$350* |
| Registration: |
7:45 - 8:00 |
| Presentation: |
8:00 - 4:30 |
| Continental Breakfast & Lunch Provided |
Register by Friday September 17, 2010 |
|
About the Presenter - John G. Tannahill, CA, CISM, CGEIT
John Tannahill is an independent Information Security and Audit Services Consultant. John's current consulting work areas are focused on information security in large information systems environments and networks. Particular areas of technical security expertise include: Windows 2003/2008; Unix (including Solaris, AIX & Linux); Oracle, Microsoft SQL Server, DB2 & Network and Internet security.
John is a frequent speaker in Canada, USA and Europe on the subject of Information Security.
Seminar Highlights
This seminar will focus on the audit and security issues related to the use of Virtual Machine environments.
- Detailed discussion of VMware Virtual Machine architecture and security components (VMware vSphere)
- Detailed discussion of VMware ESX Server & VMware vCenter security and control features
Agenda - What You Will Learn.
1. VM Concepts
- Virtual Machine Concepts
- Hypervisors
- VMware ESX Server Overview
- VMware vCenter and Virtual Center Overview
- Security Architecture and Design Issues
- Audit & Control Objectives
- Threats & Vulnerabilities
- VMware vSphere4
2. VMware ESX Server Audit
- Audit Objectives and Checklists for the ESX Server and vCenter Environments
- Security Configuration Standards
- Configuration and Patch Management
- Security Management
- Service Console Security Configuration
- Host Level Management Security
- User Account Controls (e.g. ssh; sudo)
- Controlling Administrator Access
- Directory & File Permissions
- Logging & Monitoring
- VM Files and Settings
- Guest VM Configuration
- Guest to Host Isolation Controls
- Network and Firewall Security
3. VMware vCenter Audit
- Architecture & Design
- Auditing Management Server Configuration and Components
- Inventory Control Areas
- Virtual Center Users
- Controls over Administrative Users (Data Center Administrator, VM Administrator etc.)
- Roles (e.g. System and Sample Roles) and Objects
- Permissions and Permission Privileges Group Management
- Security Monitoring
4. Cloud Computing
- Concepts Overview
- Security and Control Issues
5. Security and Audit Tools & Techniques
Note: session will include discussion of other VM Technologies in the Concepts session, including:
- Microsoft Hyper-V
- Citrix XEN Server
- Solaris Containers
- Linux VM
- Microsoft Virtual Server & PC
- VirtualBox
- VMware ESXi server; Player; Workstation
- VMware vSphere4
|
| *No shows will be billed |
|
|
|