Keeping track of Security issues associated with virtualization requires a serious investment in time. To aid in that I have put together the top virtualization security links that will continue to grow over time.
The following links are just a sample of what is at the aforementioned site and should be read in order for those interested in securing your VMware Virtual Infrastructure and unfamiliar with VMware ESX, at the same time these are great references for the experienced administrator.
- VMware Virtual Networking Concepts
- VMware ESX Server 3: 802.1Q VLAN Solutions
- Security Design of the VMware 3 Architecture
- DMZ Virtualization with VMware Infrastructure
- VMware Infrastructure 3 Hardening
- CISecurity VMware ESX Security Benchmark followed by the CISecurity Linux Benchmark
- DISA STIG (ESX STIG depends on the UNIX STIG)
- Proven Practice: VI3 Security Risk Assessment – Xtravirt.com
- Remote Authentication – Full/Partial AD Integration, Secure LDAP, NIS, …
It is recommended to read as each guide or benchmark as each covers things from a slightly different but useful perspective.