Book Image

Hyper-V Security

Book Image

Hyper-V Security

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Hyper-V Security
Dec, 2014 | 184 pages
No titles found
Table of Contents (15 chapters)
Hyper-V Security
Hyper-V Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Hyper-V Security
Introducing Hyper-V Security
The importance of Hyper-V security
Basic security concerns
A starting point to security
Hyper-V terminology
Acquiring Hyper-V
Summary
2
Securing the Host
Securing the Host
Understanding Hyper-V's architecture
Choosing a management operating system
Disabling unnecessary components
Using the Windows Firewall
Relying on domain security
Leveraging Group Policy
Using security software
Configuring Windows Update
Employing remote management tools
Following general best practices
Summary
3
Securing Virtual Machines from the Hypervisor
Securing Virtual Machines from the Hypervisor
Using the Hyper-V Administrators group
Leveraging PowerShell Remoting
Using custom PowerShell Remoting endpoints
Summary
4
Securing Virtual Machines
Securing Virtual Machines
Understanding the security environment of VMs
Leveraging Generation 2 virtual machines
Employing anti-malware on a virtual machine
Using Group Policy with virtual machines
Limiting exposure with resource limitations
Applying general best practices
Summary
5
Securing the Network
Securing the Network
Understanding SSL encryption
Leveraging network hardware
Using the virtual switch's isolating technologies
Employing Hyper-V virtual switch ACLs
Configuring the Windows Firewall
Using management tools remotely
Using Hyper-V with IPsec
Configuring virtual network adapter protections
Encrypting cluster communications
Securing Hyper-V Replica traffic
Summary
6
Securing Hyper-V Storage
Securing Hyper-V Storage
Configuring NTFS security for VM storage
Securing SMB 3.0 shares for VM storage
Securing iSCSI connections
Using Secure Boot
Using BitLocker
Understanding the role of backup
Summary
7
Hyper-V Security and System Center VMM
Hyper-V Security and System Center VMM
Enhancing Hyper-V host security through VMM
Securing the VMM installation
Network virtualization and multi-tenancy
Providing secure self-service with the Windows Azure Pack
Summary
8
Secure Hybrid Cloud Management through App Controller
Secure Hybrid Cloud Management through App Controller
System requirements
Installing App Controller
App Controller's role-based security model
Summary
Index
Index

Encrypting cluster communications

Computers joined in Microsoft Failover Clusters frequently communicate with each other to ensure that other nodes are active and to send updates on the status of files in shared locations. If a node loses access to a Cluster Shared Volume, it can redirect I/O over another node. All of this traffic is signed by default, but it's also possible to encrypt it.

Using PowerShell, enter the following command to encrypt cluster communications:

(Get-Cluster –Name clhv1).SecurityLevel = 2

Be aware that this setting can cause increased CPU usage on nodes. Live Migration traffic is not affected nor is any traffic not specifically classified as inter-node cluster traffic. Enter 1 to return to the traffic-signing mode or 0 to turn off both signing and encryption.

Previous Section
End of Section 10
Next Section