Until now, we focused on the host and hypervisor. Virtual machines (VMs) run a complete operating system, usually attached to the network, and are presented to the rest of the world in much the same way as a physical machine would be. With the built-in isolation of the guest from its host, it's impossible for the hypervisor to provide multiple intercessions on behalf of the virtual machine. In this chapter, we will talk about the ways in which virtual machines are—and are not—special in terms of security.
In this chapter, you will learn about:
Understanding the security environment of virtual machines
Leveraging Generation 2 virtual machines
Employing anti-malware on a virtual machine
Considering intrusion prevention and detection strategies
Using Group Policy with virtual machines
Limiting exposure through resource restrictions
Applying general best practices