Book Image

Hyper-V Security

Book Image

Hyper-V Security

Overview of this book

Table of Contents (15 chapters)
Hyper-V Security
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Encrypting cluster communications


Computers joined in Microsoft Failover Clusters frequently communicate with each other to ensure that other nodes are active and to send updates on the status of files in shared locations. If a node loses access to a Cluster Shared Volume, it can redirect I/O over another node. All of this traffic is signed by default, but it's also possible to encrypt it.

Using PowerShell, enter the following command to encrypt cluster communications:

(Get-Cluster –Name clhv1).SecurityLevel = 2

Be aware that this setting can cause increased CPU usage on nodes. Live Migration traffic is not affected nor is any traffic not specifically classified as inter-node cluster traffic. Enter 1 to return to the traffic-signing mode or 0 to turn off both signing and encryption.