Control access: Only allow users with an identified need to access resources on a virtual machine. This includes service points, such as web services, as well as administrative points, such as RDP. For users that do have access, restrict privilege levels to be no more than what is necessary. Even if you trust your users not to engage in malicious behavior, their sessions could be hijacked by software or attackers.
Stay logged off: Do not attach to RDP or PowerShell sessions on virtual machines and then leave them in a disconnected or idle state. In addition to consuming unnecessary resources, it is easier for an attacker to compromise an existing session than to create a new one.
Monitor usage: Monitoring involves auditing both resource access and resource utilization...
Overview of this book
Table of Contents (15 chapters)
About the Authors
About the Reviewers
Introducing Hyper-V Security
Securing the Host
Securing Virtual Machines from the Hypervisor
Securing Virtual Machines
Securing the Network
Securing Hyper-V Storage
Hyper-V Security and System Center VMM
Secure Hybrid Cloud Management through App Controller