KASPERSKY LAB 
KL 031.30. Kaspersky Security for Virtualization 3.0. Light Agent 
Class Setup Guide 
Chapter 1. Description 
1.1 Guide Description 
This Guide helps to prepare a class for the "Kaspersky Security for Virtualization 3.0. Light Agent" training. 
The guide describes the class setup in detail (virtual machines, their characteristics and interrelations) for trainers 
who need to thoroughly understand the training environment. 
For technicians who just prepare the class and do not want or need to understand the training environment, the guide 
contains step-by-step instructions on how to configure physical and virtual computers. 
Additionally, the guide explains the reasons why the described configuration was selected and how the instruction 
can be changed depending on the available equipment. 
1.2 Environment Description 
All labs will be done on virtual machines. The guide presumes that VMware Workstation is used. 
An abstract ABC company is considered in the labs. Its computers belong to the abc.lab domain. 
Computers 
The following computers will be used in the labs: 
— DC—domain controller and DNS server of the abc.lab domain. It is used in all labs as an infrastructure 
element: it must be running, but no actions are performed on it. 
— Client—a user's workstation from which he or she connects to an RDS virtual machine. RemoteFX 
demonstration requires the latest version of the RDP protocol that can be installed on Windows 7 SP1. We 
will use Windows 8 in our labs, where everything works out of the box. 
— Hyper-V—the hypervisor where the virtual machines listed below are deployed; it also runs the roles 
necessary for Remote Desktop Services. 
— Router—a virtual machine that connects the external network (VMware NAT) and virtual networks. 
It also performs the roles of a DHCP server and DNS relay. 
— Security-Center (or SC)—a computer whose main role is to be the Administration Server in the ABC 
company. It belongs to the ABC domain and has a static IP address. 
— Master—a template virtual machine for the Remote Desktop Services collection. 
— SVM-FO—a virtual machine, the Protection Server of Kaspersky Security for Virtualization. It will be 
used for demonstrating how the Light Agent switches between the Protection Servers if one of them 
malfunctions. 
Domain 
All computers belong to the ABC domain. 
Users 
The account of the domain administrator (ABC\Administrator) will be used on most of the computers. 
The ABC\Alex account will be used for accessing virtual machines belonging to the Remote Desktop Services pool. 
The password is Ka5per5Ky for all users. 
Subnets 
Two subnets are configured for virtual machines in ABC company: 10.28.1.0/24 and 10.28.2.0/24. The former is 
designed for servers (the Administration Server belongs to it), and the latter for Remote Desktop Services 
virtual machines. The domain controller should not run within Hyper-V to avoid connectivity issues; therefore, 
the DC machine is configured within the VMware NAT network. It is necessary to change the default address for 
this network: open Edit | Virtual Network Editor, select the NAT interface (usually, VMNet8) and specify address 
10.28.0.0/24. 
These specific addresses of subnets are not particularly important, but they were used when designing the course 
labs and are mentioned in the Lab Guide. 
The network schema is as follows 
Operating systems 
The computers that perform server functions are running Windows 2012 Standard Edition. On other computers, 
Windows 8 Enterprise is installed.
Hardware requirements 
The host machine must have at least 12 GB RAM, preferably 16 GB. 
Another (and maybe even more important) bottleneck is the disk subsystem. A host machine with one HDD drive 
usually cannot ensure comfortable performance. An SSD drive or performance-oriented RAID configuration is 
preferred.
Chapter 2. Class Setup Guide 
2.1 DC 
1. Create a virtual machine with the following minimal configuration: 
— 1024 MB RAM 
— 40 GB hard drive 
— One network adapter (NAT) 
2. Install Windows Server 2012 Standard: 
— Computer name—DC 
— IP address—10.28.0.10 
— DNS server and gateway—10.28.0.2 
— Local administrator password—Ka5per5Ky 
3. Add the Active Directory Domain Services server role with the following parameters: 
— New forest; 
— Root domain named abc.lab; 
— Password for the directory services restore mode—Ka5per5Ky; 
— Other parameters—by default. 
4. Add domain users 
— Alex with Ka5per5Ky password 
5. Modify the domain policy 
— In the Server Manager, select Tools | Group Policy Management, then on the shortcut menu of the 
Domains / abc.lab / Default domain policy object, click Edit 
— Disable automatic Windows Updates (in Group Policy Object Editor, expand Computer 
Configuration, Administrative Templates, Windows Components, click Windows Update, double-click 
Configure Automatic Updates, and then click Disabled) 
— Disable Windows Defender (in Group Policy Object Editor, expand Computer Configuration, 
Administrative Templates, Windows Components, click Windows Defender, double-click Turn 
off Windows Defender, and then click Enabled) 
— Enable RDP redirection of RemoteFX USB Devices (in Group Policy Object Editor, expand 
Computer Configuration, Administrative Templates, Windows Components, click Remote 
Desktop Services, Remote Desktop Connection Client, RemoteFX USB Device Redirection, then 
set Allow RDP redirection of the supported RemoteFX USB Devices from this computer to 
Enabled and change RemoteFX USB Redirection Access Rights to Administrators and Users) 
— Disable Windows Firewall for the domain profile (in Group Policy Object Editor: User 
Configuration, Policies, Windows Settings, Security Settings, Windows Firewall with Advanced 
Security) 
— Disable SmartScreen Filter for the Internet Zone (in Group Policy Object Editor: User Configuration, 
Policies, Administrative Templates, Windows Components, Internet Explorer, Internet Control 
Panel, Security Page, Internet Zone, Turn on SmartScreen Filter scan = Disabled) 
— Disable Maximum Password Age: select Not Defined for this parameter (in Group Policy Object 
Editor: User Configuration, Policies, Windows Settings, Security Settings, Account Policies, 
Password Policy) 
6. For the Administrator and Alex users, enable the Password never expires parameter 
7. Reduce RAM to 860 MB (optional) 
8. When all virtual machines are ready, turn off DC and make a snapshot named Ready 
2.2 Client 
1. Create a virtual machine with the following minimal configuration: 
— 1 GB RAM 
— 40 GB hard drive 
— NAT network adapter 
2. Install Windows 8 Enterprise Edition: 
— Computer name—Client 
— Network parameters: 
 IP address—10.28.0.110 
 Default gateway—10.28.0.2 
 DNS server —10.28.0.10 
— Local administrator password—Ka5per5Ky 
3. Join Client to ABC domain 
4. Add route to the VDI subnet: 
— Run PowerShell as administrator. Find out the ifIndex of the adapter: 
Get-NetAdapter 
— Carry out: 
New-NetRoute -DestinationPrefix 10.28.2.0/24 -NextHop 10.28.0.3 -ifIndex <adapter index> 
5. Enable redirection of removable USB devices. Run the following command from an elevated command 
prompt: 
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces" /v 101 /t REG_SZ /d "{A5DCBF10-6530-11D2-901F-00C04FB951ED}" /f 
6. Turn off the machine and make a snapshot named Ready
2.3 Hyper-V 
1. Create a virtual machine with the following minimal configuration: 
— 2 CPU cores 
— 8 GB RAM 
— 150 GB hard drive 
— Network adapter connected to VMware NAT 
2. Install Windows Server 2012 Enterprise Edition: 
— Computer name—Hyper-V 
— NAT network adapter parameters: 
 IP address—10.28.0.50 
 Default gateway—10.28.0.2 
 DNS server —10.28.0.10 
— Local administrator password—Ka5per5Ky 
3. Edit the configuration file of the virtual machine to enable installation of the Hyper-V role on the VMware 
Workstation hypervisor: 
— Turn off the Hyper-V virtual machine 
— In the folder of the Hyper-V virtual machine, open Hyper-V.vmx with Notepad and add the following 
string: hypervisor.cpuid.v0 = "FALSE" 
4. Select Virtualization engine 
— Open the settings of the virtual machine in VMware Workstation 
— Click the processor and select Virtualize Intel VT-x/EPT or AMD-V/RVI 
5. Power on the virtual machine 
6. Join Hyper-V to ABC domain 
7. Log on to the system under the ABC\Administrator account 
8. Add the Hyper-V server role 
— Proceed through all steps. Do not change anything except: 
 Select the network adapter for the virtual switch 
9. Pin the Hyper-V Manager shortcut to the taskbar 
10. Create two virtual switches 
— Open the Server Manager console, select Tools | Hyper-V Manager 
— In the right pane, select Virtual Switch Manager 
— Select New virtual network switch, then select Private and click Create Virtual Switch 
— Rename the switch to Servers and click Apply 
— Likewise, create another Private switch named VDI 
— Rename the virtual switch created during the Hyper-V installation to External 
11. Set up the Router computer (see below) 
12. Deploy the Master virtual machine (see below)
13. Install Remote Desktop Services 
— In the Add Roles and Features Wizard, select Remote Desktop Services installation 
— Select Standard Deployment 
— Select Virtual machine-based desktop deployment 
— Add the following roles to the Hyper-V computer one by one: 
 RD Connection Broker server 
 RD Web Access server 
 RD Virtualization Host server 
14. Create a collection 
— Make sure that the Router computer is configured and running 
— Open Server Manager | Remote Desktop Services | Collections 
— In the Collections section, click Tasks | Create Virtual Desktop Collection 
— Type Lab for the collection name 
— Select the Master computer for the template 
— Select the time zone and domain name: abc.lab 
— Specify the number of machines in the collection: 1. You can specify 2 if the resources are plentiful; 
however, re-creating the collection will take more time during the labs in this case 
— Disable User profile disks 
15. Set up the Master computer 
— Power on the virtual machine 
— Complete the initial setup wizard, similarly to an installation 
— You will have to create a new user, for example, User2 
— (Optional) Delete User2 
— Join the Master computer to the domain 
16. In the C:\Users\Public\Documents\Hyper-V\Virtual hard disks folder (virtual machine hard drives are 
stored here by default), create a directory named SVM-FO 
17. Deploy the SVM-FO virtual machine (described in the Security-Center section) 
18. Open the properties of the SVM-FO virtual machine and change the network to VDI 
19. Shut down all virtual machines except for Router and Lab-0 (a virtual machine from the Remote Desktop 
Services collection). The Router should not be shut down, so that it starts up as soon as the Hyper-V 
computer starts. Shut down Hyper-V and make a snapshot named Ready. 
2.4 Router 
1. Vyatta Core is used for the router. Its distribution can be downloaded from 
http://www.vyatta.org/downloads (Virtualization ISO) 
2. In the Hyper-V Manager console, create a virtual machine with the following configuration: 
— Name—Router 
— 128 MB RAM 
— Network adapter connected to the External switch 
— 1 GB hard disk 
— Boot from the Vyatta Live CD iso image
3. Add two more cards 
— Open the virtual machine settings 
— On the Add Hardware tab, select Network Adapter 
— Click Add 
— Select the Servers virtual switch for the created network adapter 
— Click Apply 
— Similarly, add a network adapter connected to the VDI switch 
4. Power on the virtual machine 
5. Log on to the system using the vyatta login and vyatta password 
6. Carry out the install-image command 
7. To confirm image installation to the hard drive, type Yes 
8. Reject RAID-1 mirroring if two disks are found: No 
9. Partitioning—Auto
10. Select the sda drive for the installation 
11. Confirm destroying all data on it: Yes 
12. Allocate all available disk space to the root directory: ENTER. The installer will create and mount the file 
system 
13. Agree to the offered image name: ENTER 
14. Agree to copying config.boot: ENTER 
15. Specify the administrator’s password, for example, Ka5per5Ky 
16. Allow GRUB to modify the boot partition on the sda drive: ENTER 
17. Carry out the poweroff command 
18. Confirm: Yes 
19. On the virtual machine menu, click Media | DVD Drive, then Eject
20. Power on the virtual machine 
21. Log on to the system with the vyatta username and the password specified earlier 
22. Use the configure command to enter the configuration mode 
23. Configure network interfaces: 
— set interfaces ethernet eth0 address 10.28.0.3/24 
— set interfaces ethernet eth1 address 10.28.1.1/24 
— set interfaces ethernet eth2 address 10.28.2.1/24 
24. Configure the default gateway and DNS 
— set system gateway-address 10.28.0.2 
— set system name-server 10.28.0.10 
25. Save the settings 
— commit 
— save 
26. Configure NAT: 
— set nat source rule 10 
— set nat source rule 10 source address 10.28.1.0/24 
— set nat source rule 10 outbound-interface eth0 
— set nat source rule 10 translation address 10.28.0.3 
— set nat source rule 20 
— set nat source rule 20 source address 10.28.2.0/24 
— set nat source rule 20 outbound-interface eth0 
— set nat source rule 20 translation address 10.28.0.3 
27. Configure DHCP: 
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 start 10.28.1.70 stop 10.28.1.99 
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 dns-server 10.28.0.10 
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 default-router 10.28.1.1 
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 start 10.28.2.100 stop 10.28.2.254 
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 dns-server 10.28.0.10 
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 default-router 10.28.2.1 
28. Save the settings 
— commit 
— save 
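A consistency check for the router commands in steps 23 to 27, as an added example that is not part of the original guide. It parses the set commands and confirms that each DHCP pool sits inside a routed and NATed subnet and does not overlap the static addresses assigned elsewhere in the guide; the names parse, lint, ROUTER_CONFIG and STATIC_HOSTS are assumptions made for this example.

```python
import ipaddress

# Router commands from steps 23-27 of section 2.4, copied from this guide.
ROUTER_CONFIG = """\
set interfaces ethernet eth0 address 10.28.0.3/24
set interfaces ethernet eth1 address 10.28.1.1/24
set interfaces ethernet eth2 address 10.28.2.1/24
set system gateway-address 10.28.0.2
set system name-server 10.28.0.10
set nat source rule 10
set nat source rule 10 source address 10.28.1.0/24
set nat source rule 10 outbound-interface eth0
set nat source rule 10 translation address 10.28.0.3
set nat source rule 20
set nat source rule 20 source address 10.28.2.0/24
set nat source rule 20 outbound-interface eth0
set nat source rule 20 translation address 10.28.0.3
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 start 10.28.1.70 stop 10.28.1.99
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 dns-server 10.28.0.10
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 default-router 10.28.1.1
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 start 10.28.2.100 stop 10.28.2.254
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 dns-server 10.28.0.10
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 default-router 10.28.2.1
"""

# Static addresses the guide assigns in sections 2.1, 2.2, 2.3 and 2.5.
STATIC_HOSTS = {
    "DC": "10.28.0.10",
    "Client": "10.28.0.110",
    "Hyper-V": "10.28.0.50",
    "Security-Center": "10.28.1.20",
}


def parse(text):
    """Turn Vyatta 'set' lines into interfaces, NAT rules, DHCP pools and gateway."""
    cfg = {"ifaces": {}, "nat": {}, "dhcp": {}, "gateway": None}
    for line in text.splitlines():
        tok = line.split()
        if tok[:3] == ["set", "interfaces", "ethernet"] and len(tok) == 6 and tok[4] == "address":
            cfg["ifaces"][tok[3]] = ipaddress.ip_interface(tok[5])
        elif tok[:3] == ["set", "system", "gateway-address"] and len(tok) == 4:
            cfg["gateway"] = ipaddress.ip_address(tok[3])
        elif tok[:4] == ["set", "nat", "source", "rule"] and len(tok) >= 7:
            # "source address 10.28.1.0/24" is stored under the key "source address"
            cfg["nat"].setdefault(tok[4], {})[" ".join(tok[5:-1])] = tok[-1]
        elif tok[:4] == ["set", "service", "dhcp-server", "shared-network-name"] and len(tok) >= 9:
            pool = cfg["dhcp"].setdefault(tok[4], {"subnet": ipaddress.ip_network(tok[6])})
            pool.update(zip(tok[7::2], tok[8::2]))  # option name / value pairs
    return cfg


def lint(cfg, static_hosts):
    """Return a list of inconsistencies; an empty list means the plan is coherent."""
    findings = []
    iface_by_net = {i.network: i for i in cfg["ifaces"].values()}
    natted = {ipaddress.ip_network(r["source address"])
              for r in cfg["nat"].values() if "source address" in r}
    for name, pool in cfg["dhcp"].items():
        net = pool["subnet"]
        if net not in iface_by_net:
            findings.append(f"{name}: no router interface in {net}")
            continue
        if "start" not in pool or "stop" not in pool:
            findings.append(f"{name}: no address range defined")
            continue
        router_ip = iface_by_net[net].ip
        start = ipaddress.ip_address(pool["start"])
        stop = ipaddress.ip_address(pool["stop"])
        if start not in net or stop not in net or start > stop:
            findings.append(f"{name}: range {start}-{stop} does not fit {net}")
        if pool.get("default-router") != str(router_ip):
            findings.append(f"{name}: default-router is not the router address {router_ip}")
        if net not in natted:
            findings.append(f"{name}: {net} has no source NAT rule")
        if start <= router_ip <= stop:
            findings.append(f"{name}: router address {router_ip} is inside the DHCP range")
        for host, addr in static_hosts.items():
            if start <= ipaddress.ip_address(addr) <= stop:
                findings.append(f"{name}: static host {host} ({addr}) is inside the DHCP range")
    for num, rule in cfg["nat"].items():
        out = cfg["ifaces"].get(rule.get("outbound-interface"))
        if out is None or rule.get("translation address") != str(out.ip):
            findings.append(f"nat rule {num}: translation address is not the outbound interface address")
    gw = cfg["gateway"]
    if gw is None or not any(gw in i.network for i in cfg["ifaces"].values()):
        findings.append("default gateway is not on a directly connected network")
    return findings


if __name__ == "__main__":
    problems = lint(parse(ROUTER_CONFIG), STATIC_HOSTS)
    print("\n".join(problems) if problems else "router plan is consistent")
```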
2.5 Security-Center 
1. In the Hyper-V Manager console, create a virtual machine with the following minimal configuration: 
— Name—Security-Center 
— 1536 MB RAM 
— 40 GB hard drive 
— Network adapter connected to the Servers switch 
2. Install Windows Server 2012 Standard Edition: 
— Computer name—Security-Center 
— Network parameters: 
 IP address—10.28.1.20 
 Default gateway—10.28.1.1 
 DNS server—10.28.0.10 
— Local administrator password—Ka5per5Ky 
3. Join Security-Center to the domain 
4. Log on to the system under the ABC\Administrator account 
5. Install Kaspersky Security Center 10 MR1 with the default settings; do not install plug-ins 
6. Add Kaspersky Security Center icon to the taskbar 
7. Create the following folder structure on the desktop: 
— LA—root folder. Copy klcfginst.exe (the Protection Server plug-in) into it. Create two more folders 
within it: 
 Agent—a folder for the Light Agent. Copy the Light Agent distribution there 
 SVM—download the Protection Server image with its XML description from kaspersky.com and 
unpack into this folder 
8. Install the Protection Server plug-in 
9. Install the Protection Server 
— Name—SVM-FO 
— Image folder path: C:\Users\Public\Documents\Hyper-V\Virtual hard disks\SVM-FO 
— Network—Servers 
— Password for the root user—Ka5per5Ky
10. Run the Download updates to the repository task. 
11. Create and run a key installation task for specific computers; in the computer adding window, select 
Specify computer names manually or import from the list, then add SVM by IP address 
12. Run the key installation task on the Protection Server 
13. Create and run an Update task for the Protection Server in a similar manner 
14. Delete the key installation and update tasks 
15. Delete the Protection Server plug-in 
16. Shut down SVM-FO and reduce RAM to 512 MB 
2.6 Master 
1. In the Hyper-V Manager console, create a virtual machine with the following minimal configuration: 
— Name: Master 
— 1024 MB RAM 
— 40 GB hard drive 
— Network adapter connected to the VDI switch 
2. Install Windows 8 Enterprise Edition: 
— Computer name—Master 
— Network settings—DHCP 
— Local administrator password—Ka5per5Ky 
3. Join the Master computer to the domain 
4. Log on to the system under the ABC\Alex account 
5. Copy the eicar_com.zip archive to the C:\Users\Alex.ABC\Downloads folder 
6. Prepare a template: 
— Run cmd as administrator. 
— Carry out: 
Sysprep\sysprep.exe /generalize /oobe /shutdown /mode:vm

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 

Último (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

Kl 031.30 eng_class_setup_guide_1.2

KASPERSKY LAB
KL 031.30. Kaspersky Security for Virtualization 3.0. Light Agent
Class Setup Guide

Chapter 1. Description

1.1 Guide Description

This Guide helps to prepare a class for the "Kaspersky Security for Virtualization 3.0. Light Agent" training.

The guide describes the class setup in detail (virtual machines, their characteristics and interrelations) for trainers who need to thoroughly understand the training environment.

For technicians who just prepare the class and do not want or need to understand the training environment, the guide contains step-by-step instructions on how to configure physical and virtual computers.

Additionally, the guide explains the reasons why the described configuration was selected and how the instructions can be changed depending on the available equipment.

1.2 Environment Description

All labs will be done on virtual machines. The guide presumes that VMware Workstation is used.

An abstract ABC company is considered in the labs. Its computers belong to the abc.lab domain.

Computers

The following computers will be used in the labs:
— DC—domain controller and DNS server of the abc.lab domain. It is used in all labs as an infrastructure element, meaning it must be running, but actions are not performed there.
— Client—a user's workstation from which he or she connects to an RDS virtual machine. RemoteFX demonstration requires the latest version of the RDP protocol that can be installed on Windows 7 SP1. We will use Windows 8 in our labs, where everything works out of the box.
— Hyper-V—the hypervisor where the virtual machines listed below are deployed; it also runs the roles necessary for Remote Desktop Services.
— Router—a virtual machine that connects the external network (VMware NAT) and virtual networks. It also performs the roles of a DHCP server and DNS relay.
— Security-Center (or SC)—a computer whose main role is to be the Administration Server in the ABC company. It belongs to the ABC domain and has a static IP address.
— Master—a template virtual machine for the Remote Desktop Services collection.
— SVM-FO—a virtual machine, the Protection Server of Kaspersky Security for Virtualization. It will be used for demonstrating how the Light Agent switches between the Protection Servers if one of them malfunctions.

Domain

All computers belong to the ABC domain.

Users

The account of the domain administrator (ABC\Administrator) will be used on most of the computers. The ABC\Alex account will be used for accessing virtual machines belonging to the Remote Desktop Services pool.

The password is Ka5per5Ky for all users.

Subnets

Two subnets are configured for virtual machines in ABC company: 10.28.1.0/24 and 10.28.2.0/24. The former is designed for servers (the Administration Server will belong to it), and the latter for Remote Desktop Services virtual machines.

The domain controller should not run within Hyper-V to avoid connectivity issues; therefore the DC machine is configured within the VMware NAT network. It is necessary to change the default address for this network: open Edit | Virtual Network Editor, select the NAT interface (usually, VMNet8) and specify address 10.28.0.0/24.

These specific addresses of subnets are not particularly important, but they were used when designing the course labs and are mentioned in the Lab Guide.

The network schema is as follows

Operating systems

The computers that perform server functions are running Windows 2012 Standard Edition. On other computers, Windows 8 Enterprise is installed.

Hardware requirements

The host machine must have at least 12 GB RAM, preferably 16 GB.

Another (and maybe even more important) bottleneck is the disk subsystem. A host machine with one HDD drive usually cannot ensure comfortable performance. An SSD drive or performance-oriented RAID configuration is preferred.

Chapter 2. Class Setup Guide

2.1 DC

1. Create a virtual machine with the following minimal configuration:
— 1024 MB RAM
— 40 GB hard drive
— One network adapter (NAT)
2. Install Windows Server 2012 Standard:
— Computer name—DC
— IP address—10.28.0.10
— DNS server and gateway—10.28.0.2
— Local administrator password—Ka5per5Ky
3. Add the Active Directory Domain Services server role with the following parameters:
— New forest;
— Root domain named abc.lab;
— Password for the directory services restore mode—Ka5per5Ky;
— Other parameters—by default.
4. Add domain users:
— Alex with Ka5per5Ky password
5. Modify the domain policy:
— In the Server Manager, select Tools | Group Policy Management, then on the shortcut menu of the Domains / abc.lab / Default domain policy object, click Edit
— Disable automatic Windows Updates (in Group Policy Object Editor, expand Computer Configuration, Administrative Templates, Windows Components, click Windows Update, double-click Configure Automatic Updates, and then click Disabled)
— Disable Windows Defender (in Group Policy Object Editor, expand Computer Configuration, Administrative Templates, Windows Components, click Windows Defender, double-click Turn off Windows Defender, and then click Enabled)
— Enable RDP redirection of RemoteFX USB Devices (in Group Policy Object Editor, expand Computer Configuration, Administrative Templates, Windows Components, click Remote Desktop Services, Remote Desktop Connection Client, RemoteFX USB Device Redirection, then set Allow RDP redirection of the supported RemoteFX USB Devices from this computer to Enabled and change RemoteFX USB Redirection Access Rights to Administrators and Users)
— Disable Windows Firewall for the domain profile (in Group Policy Object Editor: User Configuration, Policies, Windows Settings, Security Settings, Windows Firewall with Advanced Security)
— Disable SmartScreen Filter for the Internet Zone (in Group Policy Object Editor: User Configuration, Policies, Administrative Templates, Windows Components, Internet Explorer, Internet Control Panel, Security Page, Internet Zone, Turn on SmartScreen Filter scan = Disabled)
— Disable Maximum Password Age: select Not Defined for this parameter (in Group Policy Object Editor: User Configuration, Policies, Windows Settings, Security Settings, Account Policies, Password Policy)
6. For the Administrator and Alex users, enable the Password never expires parameter
7. Reduce RAM to 860 MB (optional)
8. When all virtual machines are ready, turn off DC and make a snapshot named Ready

2.2 Client

1. Create a virtual machine with the following minimal configuration:
— 1 GB RAM
— 40 GB hard drive
— NAT network adapter
2. Install Windows 8 Enterprise Edition:
— Computer name—Client
— Network parameters:
    • IP address—10.28.0.110
    • Default gateway—10.28.0.2
    • DNS server—10.28.0.10
— Local administrator password—Ka5per5Ky
3. Join Client to the ABC domain
4. Add a route to the VDI subnet:
— Run PowerShell as administrator. Find out the ifIndex of the adapter:
    Get-NetAdapter
— Carry out:
    New-NetRoute -DestinationPrefix 10.28.2.0/24 -NextHop 10.28.0.3 -ifIndex <adapter index>
5. Enable redirection of removable USB devices. Run the following command from an elevated command prompt:
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces" /v 101 /t REG_SZ /d "{A5DCBF10-6530-11D2-901F-00C04FB951ED}" /f
6. Turn off the machine and make a snapshot named Ready

2.3 Hyper-V

1. Create a virtual machine with the following minimal configuration:
— 2 CPU cores
— 8 GB RAM
— 150 GB hard drive
— Network adapter connected to VMware NAT
2. Install Windows Server 2012 Enterprise Edition:
— Computer name—Hyper-V
— NAT network adapter parameters:
    • IP address—10.28.0.50
    • Default gateway—10.28.0.2
    • DNS server—10.28.0.10
— Local administrator password—Ka5per5Ky
3. Edit the configuration file of the virtual machine to enable installation of the Hyper-V role on the VMware Workstation hypervisor:
— Turn off Hyper-V
— In the folder of the Hyper-V virtual machine, open Hyper-V.vmx with Notepad and add the following string:
    hypervisor.cpuid.v0 = "FALSE"
4. Select the virtualization engine:
— Open the settings of the virtual machine in VMware Workstation
— Click the processor and select Virtualize Intel VT-x/EPT or AMD-V/RVI
5. Power on the virtual machine
6. Join Hyper-V to the ABC domain
7. Log on to the system under the ABC\Administrator account
8. Add the Hyper-V server role:
— Proceed through all steps. Do not change anything except:
    • Select the network adapter for the virtual switch
9. Pin the Hyper-V Manager shortcut to the taskbar
10. Create two virtual switches:
— Open the Server Manager console, select Tools | Hyper-V Manager
— In the right pane, select Virtual Switch Manager
— Select New virtual network switch, then select Private and click Create Virtual Switch
— Rename the switch to Servers and click Apply
— Likewise, create another Private switch named VDI
— Rename the virtual switch created during the Hyper-V installation to External
11. Set up the Router computer (see below)
12. Deploy the Master virtual machine (see below)
13. Install Remote Desktop Services:
— In the Add Roles and Features Wizard, select Remote Desktop Services installation
— Select Standard Deployment
— Select Virtual machine-based desktop deployment
— Add the following roles to the Hyper-V computer one by one:
    • RD Connection Broker server
    • RD Web Access server
    • RD Virtualization Host server
14. Create a collection:
— Make sure that the Router computer is configured and running
— Open Server Manager | Remote Desktop Services | Collections
— In the Collections section, click Tasks | Create Virtual Desktop Collection
— Type Lab for the collection name
— Select the Master computer for the template
— Select the time zone and domain name: abc.lab
— Specify the number of machines in the collection: 1. You can specify 2 if the resources are plentiful; however, re-creating the collection will take more time during the labs in this case
— Disable User profile disks
15. Set up the Master computer:
— Power on the virtual machine
— Complete the initial setup wizard, similarly to an installation
— You will have to create a new user, for example, User2
— (Optional) Delete User2
— Join the Master computer to the domain
16. In the C:\Users\Public\Documents\Hyper-V\Virtual hard disks folder (virtual machine hard drives are stored here by default), create a directory named SVM-FO
17. Deploy the SVM-FO virtual machine (described in the Security-Center section)
18. Open the properties of the SVM-FO virtual machine and change the network to VDI
19. Shut down all virtual machines except for Router and Lab-0 (a virtual machine from the Remote Desktop Services collection). The Router should not be shut down; then it will start up as soon as the Hyper-V computer starts. Shut down Hyper-V and make a snapshot named Ready.

2.4 Router

1. Vyatta Core is used for the router. Its distribution can be downloaded from http://www.vyatta.org/downloads (Virtualization ISO)
2. In the Hyper-V Manager console, create a virtual machine with the following configuration:
— Name—Router
— 128 MB RAM
— Network adapter connected to the External switch
— 1 GB hard disk
— Boot from the Vyatta Live CD iso image
3. Add two more cards:
— Open the virtual machine settings
— On the Add Hardware tab, select Network Adapter
— Click Add
— Select the Servers virtual switch for the created network adapter
— Click Apply
— Similarly, add a network adapter connected to the VDI switch
4. Power on the virtual machine
5. Log on to the system using the vyatta login and vyatta password
6. Carry out the install-image command
7. To confirm image installation to the hard drive, type Yes
8. Reject RAID-1 mirroring if two disks are found: No
9. Partitioning—Auto
10. Select the sda drive for the installation
11. Confirm destroying all data on it: Yes
12. Allocate all available disk space to the root directory: ENTER. The installer will create and mount the file system
13. Agree to the offered image name: ENTER
14. Agree to copying config.boot: ENTER
15. Specify the administrator's password, for example, Ka5per5Ky
16. Allow GRUB to modify the boot partition on the sda drive: ENTER
17. Carry out the poweroff command
18. Confirm: Yes
19. On the virtual machine menu, click Media | DVD Drive, then Eject
20. Power on the virtual machine
21. Log on to the system with the vyatta username and the password specified earlier
22. Use the configure command to enter the configuration mode
23. Configure network interfaces:
— set interfaces ethernet eth0 address 10.28.0.3/24
— set interfaces ethernet eth1 address 10.28.1.1/24
— set interfaces ethernet eth2 address 10.28.2.1/24
24. Configure the default gateway and DNS:
— set system gateway-address 10.28.0.2
— set system name-server 10.28.0.10
25. Save the settings:
— commit
— save
26. Configure NAT:
— set nat source rule 10
— set nat source rule 10 source address 10.28.1.0/24
— set nat source rule 10 outbound-interface eth0
— set nat source rule 10 translation address 10.28.0.3
— set nat source rule 20
— set nat source rule 20 source address 10.28.2.0/24
— set nat source rule 20 outbound-interface eth0
— set nat source rule 20 translation address 10.28.0.3
27. Configure DHCP:
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 start 10.28.1.70 stop 10.28.1.99
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 dns-server 10.28.0.10
— set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 default-router 10.28.1.1
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 start 10.28.2.100 stop 10.28.2.254
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 dns-server 10.28.0.10
— set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 default-router 10.28.2.1
28. Save the settings:
— commit
— save

2.5 Security-Center

1. In the Hyper-V Manager console, create a virtual machine with the following minimal configuration:
— Name—Security-Center
— 1536 MB RAM
— 40 GB hard drive
— Network adapter connected to the Servers switch
2. Install Windows Server 2012 Standard Edition:
— Computer name—Security-Center
— Network parameters:
    • IP address—10.28.1.20
    • Default gateway—10.28.1.1
    • DNS server—10.28.0.10
— Local administrator password—Ka5per5Ky
3. Join Security-Center to the domain
4. Log on to the system under the ABC\Administrator account
5. Install Kaspersky Security Center 10 MR1 with the default settings; do not install plug-ins
6. Add the Kaspersky Security Center icon to the taskbar
7. Create the following folder structure on the desktop:
— LA—root folder. Copy klcfginst.exe (the Protection Server plug-in) into it. Create two more folders within it:
    • Agent—a folder for the Light Agent. Copy the Light Agent distribution there
    • SVM—download the Protection Server image with its XML description from kaspersky.com and unpack into this folder
8. Install the Protection Server plug-in
9. Install the Protection Server:
— Name—SVM-FO
— Image folder path: C:\Users\Public\Documents\Hyper-V\Virtual hard disks\SVM-FO
— Network—Servers
— Password for the root user—Ka5per5Ky
10. Run the Download updates to the repository task.
11. Create and run a key installation task for specific computers; in the computer adding window, select Specify computer names manually or import from the list, then add SVM by IP address
12. Run the key installation task on the Protection Server
13. Create and run an Update task for the Protection Server in a similar manner
14. Delete the key installation and update tasks
15. Delete the Protection Server plug-in
16. Shut down SVM-FO and reduce RAM to 512 MB

2.6 Master

1. In the Hyper-V Manager console, create a virtual machine with the following minimal configuration:
— Name: Master
— 1024 MB RAM
— 40 GB hard drive
— Network adapter connected to the VDI switch
2. Install Windows 8 Enterprise Edition:
— Computer name—Master
— Network settings—DHCP
— Local administrator password—Ka5per5Ky
3. Join the Master computer to the domain
4. Log on to the system under the ABC\Alex account
5. Copy the eicar_com.zip archive to the C:\Users\Alex.ABC\Downloads folder
6. Prepare a template:
— Run cmd as administrator.
— Carry out:
    Sysprep\sysprep.exe /generalize /oobe /shutdown /mode:vm
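
A consistency check for the Router configuration in section 2.4, added here as an example that is not part of the original guide. It parses the guide's set commands and verifies that each DHCP pool sits on a router interface, hands out the domain DNS server, stays clear of the statically addressed machines, and that both internal subnets have a source NAT rule; the names parse, audit and STATIC_HOSTS are assumptions made for the example.

```python
import ipaddress

# Router commands from section 2.4 of the guide (steps 23-27).
VYATTA_CONFIG = """\
set interfaces ethernet eth0 address 10.28.0.3/24
set interfaces ethernet eth1 address 10.28.1.1/24
set interfaces ethernet eth2 address 10.28.2.1/24
set system gateway-address 10.28.0.2
set system name-server 10.28.0.10
set nat source rule 10 source address 10.28.1.0/24
set nat source rule 10 outbound-interface eth0
set nat source rule 10 translation address 10.28.0.3
set nat source rule 20 source address 10.28.2.0/24
set nat source rule 20 outbound-interface eth0
set nat source rule 20 translation address 10.28.0.3
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 start 10.28.1.70 stop 10.28.1.99
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 dns-server 10.28.0.10
set service dhcp-server shared-network-name Servers subnet 10.28.1.0/24 default-router 10.28.1.1
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 start 10.28.2.100 stop 10.28.2.254
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 dns-server 10.28.0.10
set service dhcp-server shared-network-name VDI subnet 10.28.2.0/24 default-router 10.28.2.1
"""

# Addresses the guide assigns by hand (sections 2.1-2.3 and 2.5).
STATIC_HOSTS = {"DC": "10.28.0.10", "Client": "10.28.0.110",
                "Hyper-V": "10.28.0.50", "Security-Center": "10.28.1.20"}


def parse(config):
    """Split the set commands into interfaces, NAT rules, DHCP pools and DNS."""
    ifaces, nat, dhcp, dns = {}, {}, {}, None
    for t in (line.split() for line in config.splitlines()):
        if t[:3] == ["set", "interfaces", "ethernet"] and t[4:5] == ["address"]:
            ifaces[t[3]] = ipaddress.ip_interface(t[5])
        elif t[:3] == ["set", "system", "name-server"]:
            dns = t[3]
        elif t[:4] == ["set", "nat", "source", "rule"] and len(t) > 6:
            nat.setdefault(t[4], {})[" ".join(t[5:-1])] = t[-1]
        elif t[:4] == ["set", "service", "dhcp-server", "shared-network-name"]:
            pool = dhcp.setdefault(t[4], {"subnet": ipaddress.ip_network(t[6])})
            pool.update(zip(t[7::2], t[8::2]))  # option/value pairs after the subnet
    return ifaces, nat, dhcp, dns


def audit(config, static_hosts, wan="eth0"):
    """Return a list of findings; an empty list means the plan is consistent."""
    ifaces, nat, dhcp, dns = parse(config)
    wan_ip = str(ifaces[wan].ip) if wan in ifaces else None
    inside = {n: i for n, i in ifaces.items() if n != wan}  # Servers and VDI sides
    findings = []
    for name, pool in dhcp.items():
        net = pool["subnet"]
        router = next((i.ip for i in inside.values() if i.network == net), None)
        if router is None or pool.get("default-router") != str(router):
            findings.append(f"{name}: default-router is not the router's address on {net}")
        if pool.get("dns-server") != dns:
            findings.append(f"{name}: pool does not hand out the DNS server {dns}")
        try:
            start, stop = (ipaddress.ip_address(pool[k]) for k in ("start", "stop"))
        except (KeyError, ValueError):
            findings.append(f"{name}: pool has no valid start/stop range")
            continue
        if start not in net or stop not in net or start > stop:
            findings.append(f"{name}: range {start}-{stop} does not fit {net}")
        for host, addr in static_hosts.items():
            if start <= ipaddress.ip_address(addr) <= stop:
                findings.append(f"{name}: static host {host} ({addr}) is inside the pool")
    for ifname, iface in inside.items():
        covered = any(
            r.get("source address") == str(iface.network)
            and r.get("outbound-interface") == wan
            and r.get("translation address") == wan_ip
            for r in nat.values())
        if not covered:
            findings.append(f"{ifname}: {iface.network} has no source NAT rule out of {wan}")
    return findings
```

Calling audit(VYATTA_CONFIG, STATIC_HOSTS) on the commands as given returns an empty list; a mistyped option such as a dns-server keyword split by a stray space, or a pool start moved below 10.28.1.20, produces a finding that names the affected pool.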