Book Image

Hyper-V Security

By : Eric Siron, Andrew Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andrew Syrewicze

Overview of this book

Table of Contents (15 chapters)
Hyper-V Security
About the Authors
About the Reviewers

Using Secure Boot

The aging basic input/output system (BIOS) that has controlled PC-based systems since the beginning is gradually being replaced by a new system known as Unified Extensible Firmware Interface (UEFI). Most of the differences have little to do with security and instead address technological shortcomings of the earlier system. The big security difference is in Secure Boot. Hyper-V brings this to its guests in Generation 2 virtual machines, introduced in 2012 R2.

In Hyper-V, Secure Boot defends against malicious software taking over the boot process of a virtual machine's operating system. It maintains a database of signatures for trusted operating systems. If any guest operating system doesn't match an entry in the database, then Hyper-V won't allow the guest to boot. Windows 8 and 8.1 desktop operating systems and Windows Server 2012 and 2012 R2 server operating systems will boot inside a Generation 2 virtual machine configured for Secure Boot; other operating systems will...