Vous êtes sur la page 1sur 14

Security

Server Security Levels ESX Server Users and Permissions Securing the Service Console

ESX Server System Management I Module 9

Deploying ESX Server Securely


Set Security Level appropriately Create ESX Server users to own VMs Restrict use of root login Isolate virtual machines from Service Console Keep up with patches Use Service Console solely for VM management

2
2

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

ESX Server Security Levels


ssh access High On Access FTP telnet portmap to Web access access (for NFS or NIS) MUI SSL SSL Clear Off On On Off On On Off On On

Medium On Low On

3
3

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Create ESX Server Users to Own VMs


An ESX Server user is a person who can view or modify a virtual machine
Via Web Management UI or Remote Console Not the same as users in a guest OS

User accounts are created:


During installation Via the VMware Management Interface From the Service Console: useradd c "Jane Doe" jdoe passwd jdoe

Default: Locally stored passwords


Optional: Use Pluggable Authentication Modules (e.g. LDAP, NT Domain) to store passwords elsewhere
4
4
For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Virtual Machine Security


Only R
Can see VM in MUI

RX
Start, Stop, Reset, Suspend VM via MUI, Remote Console, API Access files read-only

RW
Can access VM from MUI but cannot run VM, only monitor Details and Event Logs Configure VM and save changes via MUI Cannot connect to VM via Remote Console Connect to VM via API Access and modify files that make up VM

Check permissions on both the .vmx file and the parent directories

RWX
Full access, actions, and modification privileges

5
5

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Virtual Machine Configuration Security


Default permissions for .vmx files:
RWX Full access, actions and modification privileges

RX Start, stop, reset, suspend using MUI, Remote Console, or API; Access files readonly
6
6
For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Virtual Disk Security


Default permissions for .dsk files:
RW Full access, actions, and modification privileges

Owner of .vmx file must have access to .dsk file(s)


Simplest case: make ownership the same

7
7

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

User Access to VMs


Web MUI
Web Browser Apache

Remote Console
Remote Console xinetd

VM Authentication

vm-list

Virtual Machine

8
8

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Restrict Use of root Login


Only user root can perform the following functions:
Govern resource allocation Configure system Import and export virtual disk files Shut down or reboot the ESX server

For all other functions, login as a normal user

9
9

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Isolating Virtual Machines


Service Console and VMs must be on separate NICs
To separate administration network from VM network

Understand how network traffic can pass from one network to the next
Watch for VMs with NICs on different networks

Physical interfaces must run in promiscuous mode unless they have exactly one VM bound to them

10
10

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Keep Up With Patches


Only apply VMware-approved security patches
Patches tested prior to release

Article posted to Support Knowledge Base acknowledging security vulnerability


Within 24 hours of notification of an issue

Patches available via Download section of VMware web site


Email notification to the listed technical contact on support contract

11
11

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Service Console is VM Management Tool


Avoid adding insecure services to Service Console:
telnet FTP X Window System

Use secure services instead


Secure Shell (ssh) Secure Copy (scp)

12
12

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Summary
Choose the right security level
Secure deployment means matching security level to security environment

Restrict user access to the Service Console Turn off needless services on the Service Console Know your VMs!

13
13

For ESX Server 2.0.1 2003-10-27 Copyright 2003 VMware, Inc. All rights reserved.

Questions?

ESX Server System Management I Module 9