Book Image

Hyper-V Security

By : Eric Siron, Andy Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andy Syrewicze

Overview of this book

Hyper-V Security is intended for administrators with a solid working knowledge of Hyper-V Server, Windows Server, and Active Directory. An administrator with a functional environment will be able to use the knowledge and examples present in this book to enhance security.
Table of Contents (10 chapters)
9
Index

Disabling unnecessary components


A general rule in hardening any system is to turn off any system components that lack an identified, definite need. A good place to start narrowing this list to Hyper-V is with the list of roles that Microsoft doesn't support when Hyper-V is enabled. At this time, Microsoft has not published any official statement, but Hyper-V MVP Alessandro Cardoso has written an article on his blog that lists what roles are supported, viewable at http://cloudtidings.com/2013/04/20/sharing-roles-with-hyper-v-on-the-same-physical-host/. These items are:

  • File and Storage Services

  • Failover Clustering components

  • Multipath I/O

  • Remote Desktop Services

Although not specifically mentioned, management tools for all the preceding components as well as for Hyper-V are also allowed.

Tip

If other roles or features are desired, install them in a virtual machine.

The simplest approach is to not enable any features or roles after installing the management operating system, except Hyper-V and entries...