Book Image

Hyper-V Security

Book Image

Hyper-V Security

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Hyper-V Security
Dec, 2014 | 184 pages
No titles found
Table of Contents (15 chapters)
Hyper-V Security
Hyper-V Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Hyper-V Security
Introducing Hyper-V Security
The importance of Hyper-V security
Basic security concerns
A starting point to security
Hyper-V terminology
Acquiring Hyper-V
Summary
2
Securing the Host
Securing the Host
Understanding Hyper-V's architecture
Choosing a management operating system
Disabling unnecessary components
Using the Windows Firewall
Relying on domain security
Leveraging Group Policy
Using security software
Configuring Windows Update
Employing remote management tools
Following general best practices
Summary
3
Securing Virtual Machines from the Hypervisor
Securing Virtual Machines from the Hypervisor
Using the Hyper-V Administrators group
Leveraging PowerShell Remoting
Using custom PowerShell Remoting endpoints
Summary
4
Securing Virtual Machines
Securing Virtual Machines
Understanding the security environment of VMs
Leveraging Generation 2 virtual machines
Employing anti-malware on a virtual machine
Using Group Policy with virtual machines
Limiting exposure with resource limitations
Applying general best practices
Summary
5
Securing the Network
Securing the Network
Understanding SSL encryption
Leveraging network hardware
Using the virtual switch's isolating technologies
Employing Hyper-V virtual switch ACLs
Configuring the Windows Firewall
Using management tools remotely
Using Hyper-V with IPsec
Configuring virtual network adapter protections
Encrypting cluster communications
Securing Hyper-V Replica traffic
Summary
6
Securing Hyper-V Storage
Securing Hyper-V Storage
Configuring NTFS security for VM storage
Securing SMB 3.0 shares for VM storage
Securing iSCSI connections
Using Secure Boot
Using BitLocker
Understanding the role of backup
Summary
7
Hyper-V Security and System Center VMM
Hyper-V Security and System Center VMM
Enhancing Hyper-V host security through VMM
Securing the VMM installation
Network virtualization and multi-tenancy
Providing secure self-service with the Windows Azure Pack
Summary
8
Secure Hybrid Cloud Management through App Controller
Secure Hybrid Cloud Management through App Controller
System requirements
Installing App Controller
App Controller's role-based security model
Summary
Index
Index

Limiting exposure with resource limitations

As explained earlier in this chapter, the purpose of a denial-of-service attack is to force a system to devote so many resources to dealing with an attack that it has little or nothing left over for legitimate purposes. Like most hypervisors, Hyper-V does a good job of maintaining resource balance so that such attacks are rarely more than a nuisance. There are a number of steps you can take to preemptively constrain the impact of such attacks.

Virtual processor limits

The best way to limit processor use is to apply the minimum necessary virtual CPUs to each virtual machine. Any more could allow a compromised virtual machine to unnecessarily leech processor power from the other guests. If you're not certain what the minimum is, a good place to start is with two. This is enough to allow an application to dominate CPU cycles while still providing a responsive guest operating system. Application vendors will often provide you with a desired minimum....

Previous Section
End of Section 6
Next Section