Book Image

Hyper-V Security

By : Eric Siron, Andy Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andy Syrewicze

Overview of this book

Hyper-V Security is intended for administrators with a solid working knowledge of Hyper-V Server, Windows Server, and Active Directory. An administrator with a functional environment will be able to use the knowledge and examples present in this book to enhance security.
Table of Contents (10 chapters)
9
Index

Relying on domain security


Unfortunately, an all too common myth around Hyper-V security is that it is better to keep the Hyper-V host in workgroup mode. In reality, if an Active Directory domain is available, it is almost universally better to place all computer systems that are part of the local network into the domain, including the Hyper-V host. The lone exception is for systems that are so high-risk that it's almost expected that they'll be compromised. For these systems, the use of a perimeter network (also known as a DMZ) is a suitable solution. However, it is possible to use Hyper-V inside the local network while allowing all or some virtual machines to access only the perimeter. These options will be seen in Chapter 5, Securing the Network.

For systems that are within the local network, there are quite a few problems with using workgroup security when Active Directory services are available:

  • Username and password combinations must be transmitted for remote connections; while usually...