Book Image

Hyper-V Security

By : Eric Siron, Andrew Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andrew Syrewicze

Overview of this book

Table of Contents (15 chapters)
Hyper-V Security
About the Authors
About the Reviewers

Employing anti-malware on a virtual machine

While the value of using anti-malware in the parent partition is generally frowned upon due to performance concerns, and while there is the possibility of inadvertently damaging guest files, there is no such concern when it comes to the guests. Because the guests run all types of software, they automatically have a much greater attack surface than the management operating system.

The potential negative reach of anti-malware in the guest is limited. Anywhere that such software is employed, there is a concern that it might detect a false positive. This happens when anti-malware incorrectly classifies safe, official software as a threat. The software will then take some action to mitigate this threat, and in the case of a false positive, this can be highly disruptive to operations.

When such a false positive occurs in the management operating system, every single virtual machine could be a victim. The reason why this is more of a concern at the management...