VCDX Study Plan – Security

The essential VCDX study plan for security.

List of articles in my VCDX Deep-Dive series (more than 70 posts)

Here is the list (in no particular order, I typed them as they occurred to me):

  • Compliance – PCI DSS, HIPAA, Sarbanes-Oxley etc. – How will it impact your design?
  • Network Filtering
  • Application Filtering
  • SMTP Gateways
  • Web Proxy
  • Defence in Depth and Layering
  • Network Segmentation
  • DMZ
  • RBAC
  • Restricted Networks
  • Anti-Virus and EndPoint Protection
  • vCNS/vShield
  • UTM
  • HSM
  • Data Encryption
  • DLP
  • MFA
  • ACLs on Routers
  • Identity Management
  • Port Security – NAP/NAC
  • vSphere security mechanisms
  • How to secure iSCSI, NAS?
  • Wireless Security for VDI
  • IPSec/SSL VPNs
  • SSL Security/PKI
  • Physical Security
  • Hardening processes
  • Security Testing
  • Separation of IT Governance/Information Security and Security Operations
  • Identity and Access Management/Directory Services/Kerberos/LDAP
  • Security Event Monitoring
  • Configuration compliance
  • Security Incident Management
  • Types of Threats and Threat Matrices – what am I protecting against?
  • Who are the major vendors for security products?

Resources you may want to consider:

Validate these scenarios:

  • My customer is a hospital and they have a HIPAA compliance requirement.  My plan is to use a common vSphere HA/DRS/SDRS cluster for all workloads.  Will the HIPAA Auditor approve my design?
  • My design places the vSphere management interfaces in a common subnet with Production workloads.  Is this a good idea?
  • My customer has a requirement for NAS storage.  I am going to secure the NAS by filtering host NFS traffic through a firewall.  Will I have performance issues?

Published by


Chief Enterprise Architect and Strategist, 4xVCDX#133, NPX#8, DECM-EA.

One thought on “VCDX Study Plan – Security”

Comments are closed.