VCDX Study Plan – Security

The essential VCDX study plan for security.

List of articles in my VCDX Deep-Dive series (more than 70 posts)

Here is the list (in no particular order, I typed them as they occurred to me):

  • Compliance – PCI DSS, HIPAA, Sarbanes-Oxley etc. – How will it impact your design?
  • Network Filtering
  • Application Filtering
  • SMTP Gateways
  • Web Proxy
  • Defence in Depth and Layering
  • Network Segmentation
  • DMZ
  • RBAC
  • Restricted Networks
  • Anti-Virus and EndPoint Protection
  • vCNS/vShield
  • UTM
  • HSM
  • Data Encryption
  • DLP
  • MFA
  • ACLs on Routers
  • Identity Management
  • Port Security – NAP/NAC
  • vSphere security mechanisms
  • How to secure iSCSI, NAS?
  • Wireless Security for VDI
  • IPSec/SSL VPNs
  • SSL Security/PKI
  • Physical Security
  • Hardening processes
  • Security Testing
  • Separation of IT Governance/Information Security and Security Operations
  • Identity and Access Management/Directory Services/Kerberos/LDAP
  • Security Event Monitoring
  • Configuration compliance
  • Security Incident Management
  • Types of Threats and Threat Matrices – what am I protecting against?
  • Who are the major vendors for security products?

Resources you may want to consider:

Validate these scenarios:

  • My customer is a hospital and they have a HIPAA compliance requirement.  My plan is to use a common vSphere HA/DRS/SDRS cluster for all workloads.  Will the HIPAA Auditor approve my design?
  • My design places the vSphere management interfaces in a common subnet with Production workloads.  Is this a good idea?
  • My customer has a requirement for NAS storage.  I am going to secure the NAS by filtering host NFS traffic through a firewall.  Will I have performance issues?

One Reply to “VCDX Study Plan – Security”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Website Built with
%d bloggers like this: