Virtualization

VNet Security, LLC focuses completely on VMware technologies and will be with you at every stage to ensure a smooth deployment of your infrastructure. Our VMware consultants are dedicated individuals who specialize in VMware technologies.

Overview

Our consulting and professional services can plan, build, optimize and validate for compliance all aspects of your VMware architecture. We increase your operational capacity by utilizing VMware virtualization along with storage configuration, data protection and networking best practices to align your organization for maximum efficiency. In turn, this will save your company time, energy and will allow you to align your infrastructure to meet your business requirements.

Design and Implementation

Whether your organization is considering VMware virtualization or have already deployed some form of it, we can assist you at any stage. Our professional service engineers have years of experience and will implement VMware best practices to achieve a scalable, redundant and robust solution for your company.

Security

Our expert virtualization team will harden your VMware vSphere 4.1 Security with a cost effective Best Practices approach using security guidance from the VMware vSphere 4.1 Hardening Guide covering these 5 areas:

• Virtual Machines
• Host
• Network
• Center
• Console OS (for ESX)

Compliance - Network Scanning, Vulnerability Testing and Penetration Testing

VNet Security has developed a comprehensive methodology that provides the framework for all of our complex project services that relate to the testing and validation of information security controls and provides guidance to project team members to assure that consistent, repeatable, quality driven results are delivered to our customers in each engagement.

This methodology is based on key elements of industry recognized best practices and several assessment and testing methodologies including:

• National Security Agency INFOSEC Assessment Methodology (IAM)
• National Institute of Standards and Technology (NIST) Security Testing Standards
• ISO17799/BS7799 Assessment Guidelines
• NERC Reliability Standards CIP-001 through CIP-009

This methodology is then coupled with processes and tools that mimic or simulate steps and procedures actual hackers often utilize to find, identify, map, research and exploit target assets. This coupling of best practices and hacker techniques provides for a high level of confidence in the information gained throughout the information security assessment engagement and maintains a direct correlation with actual threats and extends through assessment and testing of physical security and physical security controls.

Our methodology and approach focuses on the following key elements:

• Identify Customer Concerns
• Identify Assessment Scope
• Develop Assessment Plan
• System Testing & System Research
• Create Written Report
• Deliver Customer Out-Brief

We utilizes a combination of commercial, open source and internally developed tools and scripts to perform testing including but not limited to:

• Nessus
• Nikto/Wikto
• DumpACL,
• SuperScan
• L0pht
• Cain & Abel
• Fping
• L0phtCrack
• WebInspect
• IkeScan
• Metasploit
• Netcat
• Dsniff
• THC Amap/Hydra
• Firewalk/Hping
• Nemesis Project

Specific testing procedures, what is tested and how it is tested and/or exploited depends on the scope of the testing, size of the organization, type of networks and operating systems being tested, type of services and vulnerabilities found, and the type of tools employed.