tailieunhanh - VMware® vCloud™ Director Security Hardening Guide

The Installation and Configuration Guide recommends saving and using the file when installing VMware vCloud Director on additional server hosts, placing it in a location accessible to all target hosts. That recommendation is enhanced here with the requirement that the file only be made available to authorized individuals. Appropriate access controls should be placed on the “location accessible to all target hosts.” Any backups that are made should be carefully controlled and encrypted if your backup software supports that. Once the software is installed on all server hosts, any copies of the file in these accessible locations should. | VMware vCloud Director Security Hardening Guide TECHNICAL WHITE PAPER vmware VMware vCloud Director Security Hardening Guide Table of Contents Multitenancy and Internal Secure Hosting and External VMware vCloud Director Architecture and Security Virtual Machine Security and Security and the Underlying Virtualization Security and the VMware vCloud Director Security and the Virtual Networking Provider-Level Network Organization Network vApp Infrastructure Cell Guest Protecting Sensitive Oracle Database Oracle Database User Administrative Configuring vCenter Configuring VMware vCloud Director to Check vCenter Certificates and Keys for VMware vCloud Director Replacing VMware vCloud Director Network Security General Firewalls Packet Filtering .12 Blocking Malicious Blocking JMX and JMS Web Application Why Deploy a WAF .14 Examples of WAF Remote API Vendors and Configuration of Public Web URLs and TECHNICAL WHITE PAPER 2 VMware vCloud Director Security Hardening Guide WAF Load Balancers and SSL TLS SSL Termination and X-Forwarded-For Securing Access to JMX Limiting Connections to Securing JMX JMS Message Queue JMS Network Network Security for Securing Organization Networks with VLANs and VLAN-backed Network Pools . 18 A Brief VLAN VLAN-Backed Network When To Use VLAN-Backed Network VLAN-Backed Network Pool Securing Organization Networks with VMware vCloud Director Network Isolation- Backed Network Pools.