VIRTUAL INFRASTRUCTURE SECURITY ASSESSMENT

Trimarc reviews your vSphere environment and provides prioritized, actionable recommendations

The Trimarc Virtual Infrastructure Security Assessment (VISA) engagement involves the analysis of the current VMware vSphere Virtual Infrastructure (vCenter & ESXi) configuration with specific focus on Administration, Configuration, and Security Controls.
 
Virtual Infrastructure Security Assessment
Trimarc performs a Virtual Infrastructure Security Assessment (VISA) remotely or at the customer’s site (as appropriate) in order to assess known security configuration issues. The VISA involves document review, discussions with staff, running scripts and tools, and/or manual review of the Virtual Infrastructure security configuration and settings. The assessment process has four (4) primary phases: 1) gathering data from the environment; 2) processing the data & interpreting the results; 3) team and subject matter expert review to verify all findings; and 4) a completed final report is drafted and Trimarc will schedule a call to go over the results and deliver the document securely either through the Trimarc portal site or a method of the customer’s choosing.

The Trimarc VISA reviews your Virtual Infrastructure environment and identifies potential issues attackers could exploit. We analyze the configuration of your vCenter server & ESXi hosts (vSphere) environment to provide standard and custom recommendations to better leverage features and controls available with your existing Virtual Infrastructure license level.
 
The VISA specifically focuses on the security configuration of VCenter management components and ESXi hosts. Trimarc reviews the existing customer Virtual Infrastructure configuration using a proprietary Trimarc toolset and the Virtual Infrastructure web client.


 The Trimarc VISA involves review, analysis, and custom recommendations of the following:

  • Host configuration

  • Administration and management

  • Network configuration

  • Virtual Machine management

  • Audit logging and alerting configuration

  • Security controls

    • vCenter Access Controls

    • ESXi host Access Controls

    • Virtual Machine Access Controls

    • Roles and permissions
       


Benefits:

  • Review of the current configuration compared to Trimarc best practices. This includes standard recommendations based on Trimarc research and expertise as well as custom recommendations specific to customer environments meant to help improve the security posture of the virtual infrastructure.

  • Trimarc provides recommendations on how best to leverage existing Virtual Infrastructure license levels for additional beneficial security controls.

  • Administration review provides guidance around how the environment is currently managed as well as more secure administration recommendations.

  • Review of network topology to ensure all VMware best practices have been implemented successfully.

  • Auditing and logging configuration review and analysis provides a comparison of the existing logging configuration to best practices.
     


Sample Virtual Infrastructure Security Review report outline

  • Executive Overview

    • Introduction

    • Document Structure

  • vSphere Security Assessment Findings & Recommendations

    • Current Mitigations

    • Recommended Remediation Items

  • Hypervisor Layer

    • Overview

    • Access Controls

    • Host State Controls

    • Host Certificates

    • vSphere Installation Bundle (VIB) Validation

    • ESXi Host Log Files

  • Management Layer

    • Overview

    • vSphere Licensing

    • Platform Services Controller

    • Access Controls

    • vSphere Global Permissions

    • vCenter Controls

    • Cluster Configurations

    • vCenter Certificates

    • Logging

  • Networking Layer

    • Overview

    • Firewalls

    • Virtual Switches

    • Management Traffic

    • vMotion Traffic

    • VM Network Traffic

    • Storage Network Traffic

  • Virtual Machines

    • Overview

    • VM Controls

    • VM State

    • VM Console Controls

    • VM Templates

  • Standard Recommendations

  • References

Trimarc
1775 I St NW
Suite #1150
Washington, DC 20006

(202) 587-2735

  • Twitter Social Icon

©2020 Trimarc