Menu
How secure is Hyper-V, really?

How secure is Hyper-V, really?

Hyper-V's current security is dependent upon the security of Windows 2008 Server. Sounds like a hosted solution to me, even though Hyper-V is a type 1 hypervisor-which is designed to run on bare metal and therefore be completely independent of the operating system itself.

So why does Hyper-V depend on Windows 2008 Server security? What zero-day attacks will cause heart-ache for all adopters? Can they be prevented?

And which boots first? If it is Hyper-V, then 2008 should run within a VM, but does it? If Windows 2008 Server crashes or is forced to crash by something malicious, will all the VMs running upon it also come tumbling down?

Does 2008 act as a management appliance, or is it something more that is essential to the running of Hyper-V? Can it run without it?

The Hyper-V virtual switch is actually a bridge, not a Layer-2 Switch, so any VM on the bridge can be seen by any other VM. How many bridges is it possible to create?

Since it is a bridge, and Windows 2008 Server plays a role in bridging, can Windows Server 2008 see every packet as it goes across the bridge?

You should definitely put one before your Server 2008 instance to protect it from attack. But if Server 2008 participates in all the bridging, how can you protect it from the VMs?

From a storage perspective, can disks that store VMs be encrypted, and can Hyper-V work with these?

Can VMs be placed on USB storage? What happens when the storage is taken away when a VM is running?

How do you handle forensics of a Hyper-V VM? Can they be killed as if you were pulling the plug? Is this hampered by the lack of any ability to migrate live VMs?

These questions aren't limited to Hyper-V. Most of Microsoft's virtualization competitors have already faced these questions, and answered most of them.

It does show how long a list of questions are still unanswered about Hyper-V security, though, and that it's Microsoft's turn to be behind the virtual security eight-ball.

Virtualization expert Edward L. Haletky is the author of "VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers," Pearson Education (2008.) He recently left Hewlett-Packard, where he worked in the Virtualization, Linux, and High-Performance Technical Computing teams. Haletky owns AstroArch Consulting, providing virtualization, security, and network consulting and development. Haletky is also a champion and moderator for the VMware discussion forums, providing answers to security and configuration questions.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments