Book Image

Hyper-V Security

Book Image

Hyper-V Security

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Hyper-V Security
Dec, 2014 | 184 pages
No titles found
Table of Contents (15 chapters)
Hyper-V Security
Hyper-V Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Hyper-V Security
Introducing Hyper-V Security
The importance of Hyper-V security
Basic security concerns
A starting point to security
Hyper-V terminology
Acquiring Hyper-V
Summary
2
Securing the Host
Securing the Host
Understanding Hyper-V's architecture
Choosing a management operating system
Disabling unnecessary components
Using the Windows Firewall
Relying on domain security
Leveraging Group Policy
Using security software
Configuring Windows Update
Employing remote management tools
Following general best practices
Summary
3
Securing Virtual Machines from the Hypervisor
Securing Virtual Machines from the Hypervisor
Using the Hyper-V Administrators group
Leveraging PowerShell Remoting
Using custom PowerShell Remoting endpoints
Summary
4
Securing Virtual Machines
Securing Virtual Machines
Understanding the security environment of VMs
Leveraging Generation 2 virtual machines
Employing anti-malware on a virtual machine
Using Group Policy with virtual machines
Limiting exposure with resource limitations
Applying general best practices
Summary
5
Securing the Network
Securing the Network
Understanding SSL encryption
Leveraging network hardware
Using the virtual switch's isolating technologies
Employing Hyper-V virtual switch ACLs
Configuring the Windows Firewall
Using management tools remotely
Using Hyper-V with IPsec
Configuring virtual network adapter protections
Encrypting cluster communications
Securing Hyper-V Replica traffic
Summary
6
Securing Hyper-V Storage
Securing Hyper-V Storage
Configuring NTFS security for VM storage
Securing SMB 3.0 shares for VM storage
Securing iSCSI connections
Using Secure Boot
Using BitLocker
Understanding the role of backup
Summary
7
Hyper-V Security and System Center VMM
Hyper-V Security and System Center VMM
Enhancing Hyper-V host security through VMM
Securing the VMM installation
Network virtualization and multi-tenancy
Providing secure self-service with the Windows Azure Pack
Summary
8
Secure Hybrid Cloud Management through App Controller
Secure Hybrid Cloud Management through App Controller
System requirements
Installing App Controller
App Controller's role-based security model
Summary
Index
Index

Relying on domain security

Unfortunately, an all too common myth around Hyper-V security is that it is better to keep the Hyper-V host in workgroup mode. In reality, if an Active Directory domain is available, it is almost universally better to place all computer systems that are part of the local network into the domain, including the Hyper-V host. The lone exception is for systems that are so high-risk that it's almost expected that they'll be compromised. For these systems, the use of a perimeter network (also known as a DMZ) is a suitable solution. However, it is possible to use Hyper-V inside the local network while allowing all or some virtual machines to access only the perimeter. These options will be seen in Chapter 5, Securing the Network.

For systems that are within the local network, there are quite a few problems with using workgroup security when Active Directory services are available:

  • Username and password combinations must be transmitted for remote connections; while usually...

Previous Section
End of Section 6
Next Section