Book Image

Hyper-V Security

By : Eric Siron, Andrew Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andrew Syrewicze

Overview of this book

Table of Contents (15 chapters)
Hyper-V Security
About the Authors
About the Reviewers

Encrypting cluster communications

Computers joined in Microsoft Failover Clusters frequently communicate with each other to ensure that other nodes are active and to send updates on the status of files in shared locations. If a node loses access to a Cluster Shared Volume, it can redirect I/O over another node. All of this traffic is signed by default, but it's also possible to encrypt it.

Using PowerShell, enter the following command to encrypt cluster communications:

(Get-Cluster –Name clhv1).SecurityLevel = 2

Be aware that this setting can cause increased CPU usage on nodes. Live Migration traffic is not affected nor is any traffic not specifically classified as inter-node cluster traffic. Enter 1 to return to the traffic-signing mode or 0 to turn off both signing and encryption.