Book Image

Hyper-V Security

Book Image

Hyper-V Security

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Hyper-V Security
Dec, 2014 | 184 pages
No titles found
Table of Contents (15 chapters)
Hyper-V Security
Hyper-V Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Hyper-V Security
Introducing Hyper-V Security
The importance of Hyper-V security
Basic security concerns
A starting point to security
Hyper-V terminology
Acquiring Hyper-V
Summary
2
Securing the Host
Securing the Host
Understanding Hyper-V's architecture
Choosing a management operating system
Disabling unnecessary components
Using the Windows Firewall
Relying on domain security
Leveraging Group Policy
Using security software
Configuring Windows Update
Employing remote management tools
Following general best practices
Summary
3
Securing Virtual Machines from the Hypervisor
Securing Virtual Machines from the Hypervisor
Using the Hyper-V Administrators group
Leveraging PowerShell Remoting
Using custom PowerShell Remoting endpoints
Summary
4
Securing Virtual Machines
Securing Virtual Machines
Understanding the security environment of VMs
Leveraging Generation 2 virtual machines
Employing anti-malware on a virtual machine
Using Group Policy with virtual machines
Limiting exposure with resource limitations
Applying general best practices
Summary
5
Securing the Network
Securing the Network
Understanding SSL encryption
Leveraging network hardware
Using the virtual switch's isolating technologies
Employing Hyper-V virtual switch ACLs
Configuring the Windows Firewall
Using management tools remotely
Using Hyper-V with IPsec
Configuring virtual network adapter protections
Encrypting cluster communications
Securing Hyper-V Replica traffic
Summary
6
Securing Hyper-V Storage
Securing Hyper-V Storage
Configuring NTFS security for VM storage
Securing SMB 3.0 shares for VM storage
Securing iSCSI connections
Using Secure Boot
Using BitLocker
Understanding the role of backup
Summary
7
Hyper-V Security and System Center VMM
Hyper-V Security and System Center VMM
Enhancing Hyper-V host security through VMM
Securing the VMM installation
Network virtualization and multi-tenancy
Providing secure self-service with the Windows Azure Pack
Summary
8
Secure Hybrid Cloud Management through App Controller
Secure Hybrid Cloud Management through App Controller
System requirements
Installing App Controller
App Controller's role-based security model
Summary
Index
Index

Leveraging Generation 2 virtual machines

A new feature of Hyper-V in the 2012 R2 series is Generation 2 virtual machines. While the traditional virtual machine uses an emulated BIOS, these make use of the newer, more efficient and robust Unified Extensible Firmware Interface (UEFI) model. The greatest benefit of using these virtual machines is quicker boot up times. They don't offer a great deal more than that and almost nothing in terms of security. A Generation 2 virtual machine doesn't use emulated hardware, so a compromise of vmwp.exe would theoretically have less impact on a Generation 2 guest. However, the likelihood of such a compromise is so low that this is of little concern.

What the Generation 2 VM does offer in terms of security is Secure Boot. Secure Boot is an agreement between the firmware and the boot image whether it is a DVD, hard drive file, or PXE image. This is handled by a PKI configuration in which the firmware can recognize the digital signatures presented by the boot...

Previous Section
End of Section 3
Next Section