The reality of computing in today's world is that nothing is safe. Securing a network of computer systems is a never-ending quest that involves constant vigilance. The explosion of virtualization technologies has introduced a new set of complexities for administrators to master. This book's purpose is to navigate through the tools available to lock down your Hyper-V environment. It includes high-level examinations of concepts as well as practical guidance for implementation.
Chapter 1, Introducing Hyper-V Security, starts by discussing the important concepts of security in a Hyper-V environment.
Chapter 2, Securing the Host, deals with securing the management operating system. A Hyper-V system runs a critical hypervisor, but it also runs a server operating system that has its own security requirements.
Chapter 3, Securing Virtual Machines from the Hypervisor, focuses on Hyper-V security from the perspective of the hypervisor.
Chapter 4, Securing Virtual Machines, turns the attention from the hypervisor to its guests. This includes not only securing them as virtual machines, but as computers that run typical operating systems and applications with security needs of their own.
Chapter 5, Securing the Network, covers a variety of methods that are at your disposal to secure network communications for both hosts and guests.
Chapter 6, Securing Hyper-V Storage, details the considerations and techniques involved for the protection of your virtual machines' data.
Chapter 7, Hyper-V Security and System Center VMM, explores System Center Virtual Machine Manager and discusses how having SCVMM in play changes the security discussion.
Chapter 8, Secure Hybrid Cloud Management through App Controller, discusses system requirements, installation, and configuration of App Controller, including its role-based security model for multiple public/private clouds.
For the first six chapters of this book, you will need one system that runs Windows Server or Hyper-V Server Version 2012 or later. If you're using Hyper-V Server, you'll need a second computer that runs the same level of Windows Server or a Professional or Enterprise edition of Windows in order to follow along using graphical tools. PowerShell alternatives have been provided, so this graphical system is not strictly necessary.
This book is intended for administrators who are experienced with Windows Server, Active Directory, and Hyper-V. It does not cover installation or basic operations of any of these technologies. Where possible, references to external information sources have been provided.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The cmdlet to check the installation status of items is Get-WindowsFeature."
A block of code is set as follows:
$TargetSystems = "svhv1", "svhv2"
$ScriptBlock = {
$StoppedStates = "Off", "Saved"
$StoppedVMs = Get‑VM | where { $_.State ‑in $StoppedStates }
$StoppedVMs | Start‑VM
$StoppedVMs | select Name
}Any command-line input or output is written as follows:
certutil –viewstore My certutil –viewstore Root
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "Turn it off on the Features page of the Add Roles and Features wizard in Server Manager."
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.